Vulnerabilities > Telegram

DATE CVE VULNERABILITY TITLE RISK
2023-05-19 CVE-2023-26818 Incorrect Authorization vulnerability in Telegram 9.3.1/9.4
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.
local
low complexity
telegram CWE-863
5.5
2022-12-06 CVE-2022-43363 Cross-site Scripting vulnerability in Telegram 15.3.1
** DISPUTED ** Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website.
network
low complexity
telegram CWE-79
6.1
2021-10-04 CVE-2021-41861 Unspecified vulnerability in Telegram
The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248.
local
low complexity
telegram
2.1
2021-09-06 CVE-2021-40532 Unspecified vulnerability in Telegram web K Alpha
Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension.
network
low complexity
telegram
7.5
2021-07-30 CVE-2021-37596 Cross-site Scripting vulnerability in Telegram web K Alpha 0.6.1
Telegram Web K Alpha 0.6.1 allows XSS via a document name.
network
telegram CWE-79
4.3
2021-07-17 CVE-2021-36769 Inadequate Encryption Strength vulnerability in Telegram
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8.
network
low complexity
telegram CWE-326
5.0
2021-05-18 CVE-2021-31315 Out-of-bounds Write vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library.
network
telegram CWE-787
4.3
2021-05-18 CVE-2021-31317 Type Confusion vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library.
network
telegram CWE-843
4.3
2021-05-18 CVE-2021-31318 Type Confusion vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library.
network
telegram CWE-843
4.3
2021-05-18 CVE-2021-31319 Integer Overflow or Wraparound vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library.
network
telegram CWE-190
4.3