Telegram Telegram Desktop — known CVE vulnerabilities
Every CVE whose affected-product data names Telegram Telegram Desktop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2018-17613 — CVSS 9.8 (critical): Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and application data in cleartext over the…
CVE-2019-10044 — CVSS 8.8 (high): Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph…
CVE-2020-17448 — CVSS 7.8 (high): Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as…
CVE-2018-17231 — CVSS 7.5 (high): Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an…
CVE-2021-47793 — CVSS 7.5 (high): Telegram Desktop 2.9.2 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized…
CVE-2018-17780 — CVSS 6.5 (medium): Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call…
CVE-2020-12474 — CVSS 6.5 (medium): Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via…
CVE-2021-36769 — CVSS 5.3 (medium): A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An…
CVE-2020-25824 — CVSS 2.4 (low): Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. The…