How severe is CVE-2025-27839?

This vulnerability has a severity rating of LOW with a CVSS score of 3.2 out of 10.

What type of vulnerability is CVE-2025-27839?

This is classified as CWE-1025, which is a common weakness in software security.

CVE-2025-27839

LOW Year: 2025

CVSS v3 Score

3.2

Low

Weakness Type

CWE-1025

View all →

Vulnerability Description

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible.

CVE-2025-32464

MEDIUM

CVSS:6.8(Medium)

HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer on...

CWE-10252025

CVE-2024-20342

MEDIUM

CVSS:5.8(Medium)

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate lim...

CWE-10252024

CVE-2025-2887

MEDIUM

During a target rollback, the client fails to detect the rollback for delegated targets. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users sho...

CWE-10252025

CVE-2025-2888

MEDIUM

During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, the update timestamp validation will fail, ...

CWE-10252025

CVE-2025-27839

Vulnerability Description

Related Vulnerabilities

CVE-2025-32464

CVE-2024-20342

CVE-2025-2887

CVE-2025-2888