HIGH
Soroush
CVE published 2026-05-25
CVE-2018-25361
CVE-2018-25361 describes an authentication bypass vulnerability in Soroush IM Desktop App version 0.17.0. The vulnerability stems from the application's use of a constant encryption key for database entries, allowing local attackers to inject pre-encrypted database records that bypass passcode protection. By manipulating the application's local database files, an attacker can unlock the client and gain un [truncated]