Talk CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-61113	2 Google, Talktalk	2 Android, Talktalk App	2025-11-04	7.5 High
TalkTalk 3.3.6 Android App contains improper access control vulnerabilities in multiple API endpoints. By modifying request parameters, attackers may obtain sensitive user information (such as device identifiers and birthdays) and access private group information, including join credentials. Successful exploitation may result in privacy breaches and unauthorized access to restricted resources.
CVE-2005-3899	1 Google	1 Talk	2025-04-03	N/A
The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CPU and memory consumption) by poisoning a target's DNS cache and causing a large update file to be sent, which consumes large amounts of CPU and memory during the signature verification, aka BenjiBug.
CVE-2005-3678	1 Google	1 Talk	2025-04-03	N/A
Google Talk before 1.0.0.76, with email notification enabled, allows remote attackers to cause a denial of service (connection reset) via email with a blank sender.

Page 1 of 1.