CVE.report search for "Telegram"
Listed below are 50 relevant search results for "Telegram" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2026-41331 | OpenClaw before 2026.3.31 contains a resource consumption vulnerability in Telegram audio preflight transcription that allows... | ||
| CVE-2026-35661 | Openclaw | Openclaw | OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows atta... |
| CVE-2026-35628 | Openclaw | Openclaw | OpenClaw before 2026.3.25 contains a missing rate limiting vulnerability in Telegram webhook authentication that allows attac... |
| CVE-2026-32982 | Openclaw | Openclaw | OpenClaw before 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes Tele... |
| CVE-2026-32980 | Openclaw | Openclaw | OpenClaw before 2026.3.13 reads and buffers Telegram webhook request bodies before validating the x-telegram-bot-api-secret-t... |
| CVE-2026-23807 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Socio WP Telegram Wi... | ||
| CVE-2025-68589 | Missing Authorization vulnerability in WP Socio WP Telegram Widget and Join Link wptelegram-widget allows Exploiting Incorrec... | ||
| CVE-2025-62993 | Missing Authorization vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Exploiting Incor... | ||
| CVE-2025-58794 | Cross-Site Request Forgery (CSRF) vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Cros... | ||
| CVE-2025-48268 | Missing Authorization vulnerability in Guru Team Bot for Telegram on WooCommerce bot-for-telegram-on-woocommerce allows Explo... | ||
| CVE-2025-30949 | Deserialization of Untrusted Data vulnerability in Guru Team Site Chat on Telegram site-chat-on-telegram allows Object Inject... | ||
| CVE-2024-38789 | Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi Telegram Bot & Channel telegram-bot allows Cross Site Request... | ||
| CVE-2024-9821 | The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information disclosure due to missing aut... | ||
| CVE-2024-9630 | 10web | Wps Telegram Chat | The WPS Telegram Chat plugin for WordPress is vulnerable to authorization bypass due to a missing capability check when acces... |
| CVE-2024-9628 | 10web | Wps Telegram Chat | The WPS Telegram Chat plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missi... |
| CVE-2024-0898 | Bluecoral | Chat Bubble | The Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back plugin for WordPress ... |
| CVE-2023-34658 | Telegram | Telegram | Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariV... |
| CVE-2023-34006 | Telegram Bot Channel Project | Telegram Bot Channel | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi Telegram Bot & Channel plugin <= 3.6.2 versio... |
| CVE-2023-26818 | Telegram | Telegram | Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBR... |
| CVE-2022-43363 | Telegram | Telegram | ** DISPUTED ** Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some thi... |
| CVE-2022-3858 | Premio | Chaty | The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button WordPress plugin before 3.... |
| CVE-2021-41861 | Telegram | Telegram | The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vuln... |
| CVE-2021-40532 | Telegram | Web K Alpha | Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension. |
| CVE-2021-37596 | Telegram | Web K Alpha | Telegram Web K Alpha 0.6.1 allows XSS via a document name. |
| CVE-2021-36769 | Telegram | Telegram | A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.... |
| CVE-2021-31323 | Telegram | Telegram | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the Lott... |
| CVE-2021-31322 | Telegram | Telegram | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTG... |
| CVE-2021-31321 | Telegram | Telegram | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray... |
| CVE-2021-31320 | Telegram | Telegram | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGra... |
| CVE-2021-31319 | Telegram | Telegram | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGrad... |
| CVE-2021-31318 | Telegram | Telegram | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLay... |
| CVE-2021-31317 | Telegram | Telegram | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher co... |
| CVE-2021-31315 | Telegram | Telegram | Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit... |
| CVE-2021-30496 | Telegram | Telegram | ** DISPUTED ** The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application cra... |
| CVE-2021-27351 | Telegram | Telegram | The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, ... |
| CVE-2021-27205 | Apple | Macos | Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to ... |
| CVE-2021-27204 | Apple | Macos | Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure. |
| CVE-2020-25824 | Telegram | Telegram Desktop | Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wi... |
| CVE-2020-17448 | Telegram | Telegram Desktop | Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, ... |
| CVE-2020-12474 | Telegram | Telegram | Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph... |
| CVE-2020-10570 | Telegram | Telegram | The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to ... |
| CVE-2019-16248 | Telegram | Telegram | The "delete for" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images direc... |
| CVE-2019-15514 | Telegram | Telegram | The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the acc... |
| CVE-2019-13633 | Blinger | Blinger | Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. An attacker can send arbitrary JavaScript code via a built-in co... |
| CVE-2019-10044 | Microsoft | Windows | Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN... |
| CVE-2018-20436 | Telegram | Telegram | ** DISPUTED ** The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GE... |
| CVE-2018-17780 | Telegram | Telegram Desktop | Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses... |
| CVE-2018-17613 | Telegram | Telegram Desktop | Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and application data in cleartex... |
| CVE-2018-17231 | Telegram | Telegram Desktop | ** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure a... |
| CVE-2018-15543 | Telegram | Telegram | ** DISPUTED ** An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager c... |