Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wireapp — Vulnerabilities & Security Advisories 28

Browse all 28 CVE security advisories affecting wireapp. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by wireapp:wire-ioswire-webappwire-serverwire-avswire-desktoprestundwire-ios-transport
CVE IDTitleCVSSSeverityPublished
CVE-2025-49846 wire-ios accidentally logs message contents — wire-iosCWE-117 4.6AIMediumAI2025-07-03
CVE-2025-48066 wire-webapp has no database deletion on client logout — wire-webappCWE-226 6.0 Medium2025-05-22
CVE-2025-48061 wire-webapp Has Insufficient Session Invalidation after User Logout — wire-webappCWE-613 5.6 Medium2025-05-22
CVE-2023-48221 wire-avs remote format string vulnerability — wire-avsCWE-134 7.3 High2023-11-20
CVE-2023-22737 wire-server vulnerable to unauthorized removal of Bots from Conversations — wire-serverCWE-862 6.5 Medium2023-01-27
CVE-2022-39380 wire-webapp contains Improper Handling of Exceptional Conditions leading to a DoS via Markdown Rendering — wire-webappCWE-755 5.3 Medium2023-01-27
CVE-2022-31122 Wire-server vulnerable to Token Recipient Confusion resulting in account impersonation, deletion or malicious account creation — wire-serverCWE-287 9.8 Critical2022-10-18
CVE-2022-29168 Cross Site Scripting in Wire Messages — wire-webappCWE-79 9.6 Critical2022-06-25
CVE-2022-31009 DoS vulnerability: Invalid Accent Colors — wire-iosCWE-617 5.7 Medium2022-06-23
CVE-2022-24799 Cross Site Scripting in Wire Webapp — wire-webappCWE-79 9.6 Critical2022-04-20
CVE-2021-41119 DoS vulnerabiliity in wire-server json parser — wire-serverCWE-400 5.3 Medium2022-04-13
CVE-2022-23610 Improper Verification of Cryptographic Signature in wire-server — wire-serverCWE-347 9.1 Critical2022-03-16
CVE-2022-23625 DoS vulnerability: Malformed Resource Identifiers — wire-iosCWE-755 6.5 Medium2022-03-11
CVE-2021-41193 Use of Externally-Controlled Format String in wire-avs — wire-avsCWE-134 9.8 Critical2022-03-01
CVE-2022-23605 Expired Ephemeral Messages not reliably removed in wire-webapp — wire-webappCWE-212 4.4 Medium2022-02-04
CVE-2021-41100 Account takeover when having only access to a user's short lived token in wire-server — wire-serverCWE-285 7.4 High2021-10-04
CVE-2021-41094 Mandatory encryption at rest can be bypassed (UI) in Wire app — wire-iosCWE-668 4.2 Medium2021-10-04
CVE-2021-41093 Account takeover when having only access to a user's short lived token — wire-iosCWE-285 7.4 High2021-10-04
CVE-2021-41101 CORS `Access-Control-Allow-Origin` settings are too lenient — wire-serverCWE-79 5.7 Medium2021-09-30
CVE-2021-32755 Certificate pinning is not enforced on the web socket connection — wire-ios-transportCWE-295 5.4 Medium2021-07-13
CVE-2021-32683 XSS through createObjectURL — wire-webappCWE-79 8.8 High2021-06-15
CVE-2021-21382 Unsafe loopback forwarding interface in Restund — restundCWE-668 8.6 High2021-06-11
CVE-2021-32666 Asset DoS vulnerability — wire-iosCWE-20 6.5 Medium2021-06-03
CVE-2021-32665 Verified groups not reliable — wire-iosCWE-345 8.8 High2021-06-03
CVE-2021-21400 Entering code in App Lock modal sends input to conversation — wire-webappCWE-200 7.1 High2021-04-02
CVE-2021-21396 Bulk list client endpoint exposes too much metadata about a client — wire-serverCWE-200 6.5 Medium2021-03-26
CVE-2021-21301 Video feed was captured while user has disabled video — wire-iosCWE-200 2.6 Low2021-02-11
CVE-2020-15258 Insecure use of shell.openExternal in Wire — wire-desktopCWE-20 8.0 High2020-10-16

This page lists every published CVE security advisory associated with wireapp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.