2 results (0.001 seconds)
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-41459 – Insecure authentication due to missing bruteforce protection and runtime manipulation in Two App Studio Journey 5.5.6 for iOS
https://notcve.org/view.php?id=CVE-2025-41459
21 Jul 2025 — Insufficient protection against brute-force and runtime manipulation in the local authentication component in Two App Studio Journey 5.5.6 on iOS allows local attackers to bypass biometric and PIN-based access control via repeated PIN attempts or dynamic code injection. • https://www.cirosec.de/sa/sa-2025-006 • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-41458 – Insecure data storage vulnerability in Two App Studio Journey v5.5.9 for iOS
https://notcve.org/view.php?id=CVE-2025-41458
21 Jul 2025 — Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local attackers to extract sensitive data via direct access to the app’s filesystem. • https://www.cirosec.de/sa/sa-2025-005 • CWE-312: Cleartext Storage of Sensitive Information •