Known Vulnerabilities for products from Signal
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Signal".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-47741 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-47213 json | Not Provided | 2026-06-10 | 2026-06-11 | |
| CVE-2026-46073 json | Not Provided | 2026-05-27 | 2026-05-27 | |
| CVE-2026-46065 json | Not Provided | 2026-05-27 | 2026-05-30 | |
| CVE-2026-46063 json | Not Provided | 2026-05-27 | 2026-05-27 | |
| CVE-2026-46050 json | Not Provided | 2026-05-27 | 2026-06-01 | |
| CVE-2026-45944 json | Not Provided | 2026-05-27 | 2026-05-30 | |
| CVE-2026-45943 json | Not Provided | 2026-05-27 | 2026-05-27 | |
| CVE-2026-43907 json | Not Provided | 2026-05-14 | 2026-05-14 | |
| CVE-2026-43400 json | Not Provided | 2026-05-08 | 2026-05-11 | |
| CVE-2025-5715 json | A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects un... | Not Provided | 2025-06-06 | 2026-04-29 |
| CVE-2023-24069 json | ** DISPUTED ** Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive at... | 3.3 - LOW | 2023-01-23 | 2023-11-07 |
| CVE-2023-24068 json | ** DISPUTED ** Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments... | 7.8 - HIGH | 2023-01-23 | 2023-11-07 |
| CVE-2022-28345 json | The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning... | 7.5 - HIGH | 2022-04-15 | 2022-04-26 |
| CVE-2020-5753 json | Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal... | 5.3 - MEDIUM | 2020-05-20 | 2022-04-07 |
| CVE-2019-19954 json | Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_m... | 7.3 - HIGH | 2019-12-24 | 2020-08-24 |
| CVE-2019-17192 json | ** DISPUTED ** The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videocon... | 9.8 - CRITICAL | 2019-10-05 | 2023-11-07 |
| CVE-2019-17191 json | The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without ca... | 7.5 - HIGH | 2019-10-05 | 2021-07-21 |
| CVE-2019-9970 json | Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Andro... | 6.5 - MEDIUM | 2019-03-24 | 2022-04-07 |
| CVE-2018-16132 json | The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for... | 8.6 - HIGH | 2018-08-29 | 2018-11-08 |
Known software with vulnerabilities from Signal
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Signal | Messenger | 0.6 |
| Application | Signal | Private Messenger | - |
| Application | Signal | Signal | 0.1 |
| Application | Signal | Signal-desktop | 0.1.11 |
| Application | Signal | Signal Private Messenger | 0.6 |