MEDIUM
HelloTalk
CVE published 2026-06-05
CVE-2020-25900
CVE-2020-25900 is a vulnerability in HelloTalk that allows for the storage of full-precision GPS coordinates even when users intend to share only a country or city. These coordinates are then stored in a database on the client-side of other users. Although the client-side was updated in 2019 to encrypt this database, the vulnerability still poses a risk to user privacy. The vulnerability has a CVSS score [truncated]