Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
keybase keybase vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2021-34422
The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute a...
Keybase Keybase
2.1
CVSSv2
CVE-2021-23827
Keybase Desktop Client prior to 5.6.0 on Windows and macOS, and prior to 5.6.1 on Linux, allows an malicious user to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after d...
Keybase Keybase
7.5
CVSSv2
CVE-2019-7249
In Keybase prior to 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs.
Keybase Keybase
7.2
CVSSv2
CVE-2021-34426
A vulnerability exists in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions before 5.6.0, a malicious actor with write access to a user\'s Git repository could leverage thi...
Keybase Keybase
4.3
CVSSv2
CVE-2022-22779
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. T...
Keybase Keybase
7.2
CVSSv2
CVE-2018-18629
An issue exists in the Keybase command-line client prior to 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.
Keybase Keybase
4.3
CVSSv2
CVE-2021-34421
The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. Thi...
Keybase Keybase 5.8.0
5
CVSSv2
CVE-2019-16992
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a use...
Keybase Keybase 2.13.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started