Signal Private Messenger — known CVE vulnerabilities
Every CVE whose affected-product data names Signal Private Messenger, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2019-17192 — CVSS 9.8 (critical): The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before…
CVE-2019-17191 — CVSS 7.5 (high): The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user…
CVE-2019-9970 — CVSS 6.5 (medium): Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are…
CVE-2020-5753 — CVSS 5.3 (medium): Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and…
CVE-2018-3988 — CVSS 4.7 (medium): Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature…