Skip to main content

Authy Authenticator

1 CVEs product

Monthly

CVE-2024-39891 MEDIUM KEV THREAT This Month

In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Google Authy Authy Authenticator
NVD
CVSS 3.1
5.3
EPSS
1.5%
EPSS 1% CVSS 5.3
MEDIUM KEV THREAT This Month

In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Google +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy