{"api_version":"1","generated_at":"2026-04-10T16:41:46+00:00","cve":"CVE-2026-33875","urls":{"html":"https://cve.report/CVE-2026-33875","api":"https://cve.report/api/cve/CVE-2026-33875.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-33875","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-33875"},"summary":{"title":"Authenticator Vulnerable to Authentication Flow Hijack","description":"Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep link. Update Gematik Authenticator to version 4.16.0 or greater to receive a patch. There are no known workarounds.","state":"PUBLISHED","assigner":"GitHub_M","published_at":"2026-03-27 21:17:24","updated_at":"2026-04-03 16:16:40"},"problem_types":["CWE-940","CWE-940 CWE-940: Improper Verification of Source of a Communication Channel"],"metrics":[{"version":"3.1","source":"security-advisories@github.com","type":"Secondary","score":"9.3","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"9.3","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":9.3,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","version":"3.1"}}],"references":[{"url":"https://www.machinespirits.com/advisory/f41e56/","name":"https://www.machinespirits.com/advisory/f41e56/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/gematik/app-Authenticator/security/advisories/GHSA-qg87-cf56-2rmr","name":"https://github.com/gematik/app-Authenticator/security/advisories/GHSA-qg87-cf56-2rmr","refsource":"security-advisories@github.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-33875","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33875","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"gematik","product":"app-Authenticator","version":"affected < 4.16.0","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"33875","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gematik","cpe5":"authenticator","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"33875","cve":"CVE-2026-33875","epss":"0.000720000","percentile":"0.218060000","score_date":"2026-04-07","updated_at":"2026-04-08 00:03:39"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-33875","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-03-30T18:57:25.759977Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-03-30T18:57:32.634Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"providerMetadata":{"dateUpdated":"2026-04-03T15:21:15.316Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"url":"https://www.machinespirits.com/advisory/f41e56/"}],"title":"CVE Program Container","x_generator":{"engine":"ADPogram 0.0.1"}}],"cna":{"affected":[{"product":"app-Authenticator","vendor":"gematik","versions":[{"status":"affected","version":"< 4.16.0"}]}],"descriptions":[{"lang":"en","value":"Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep link. Update Gematik Authenticator to version 4.16.0 or greater to receive a patch. There are no known workarounds."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":9.3,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-940","description":"CWE-940: Improper Verification of Source of a Communication Channel","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-03-27T20:25:15.850Z","orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M"},"references":[{"name":"https://github.com/gematik/app-Authenticator/security/advisories/GHSA-qg87-cf56-2rmr","tags":["x_refsource_CONFIRM"],"url":"https://github.com/gematik/app-Authenticator/security/advisories/GHSA-qg87-cf56-2rmr"}],"source":{"advisory":"GHSA-qg87-cf56-2rmr","discovery":"UNKNOWN"},"title":"Authenticator Vulnerable to Authentication Flow Hijack"}},"cveMetadata":{"assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","cveId":"CVE-2026-33875","datePublished":"2026-03-27T20:25:15.850Z","dateReserved":"2026-03-24T15:10:05.679Z","dateUpdated":"2026-04-03T15:21:15.316Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-03-27 21:17:24","lastModifiedDate":"2026-04-03 16:16:40","problem_types":["CWE-940","CWE-940 CWE-940: Improper Verification of Source of a Communication Channel"],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.8}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gematik:authenticator:*:*:*:*:*:*:*:*","versionEndExcluding":"4.16.0","matchCriteriaId":"B6F3F2CC-8AAB-467C-A2CB-D8D994FB4195"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"33875","Ordinal":"1","Title":"Authenticator Vulnerable to Authentication Flow Hijack","CVE":"CVE-2026-33875","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"33875","Ordinal":"1","NoteData":"Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep link. Update Gematik Authenticator to version 4.16.0 or greater to receive a patch. There are no known workarounds.","Type":"Description","Title":"Authenticator Vulnerable to Authentication Flow Hijack"}]}}}