CVE-2025-27839
LOWDescription
operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-27839? +
How severe is CVE-2025-27839? +
How do I check if I'm vulnerable to CVE-2025-27839? +
Related Vulnerabilities
Misskey is an open source, federated social media platform. The patch for CVE-2024-52591 did not sufficiently validate the relation between …
A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including …
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and zebra-consensus version 5.0.2, a logic …
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement …
Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. …
Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could …