CVE-2024-39891CISA KEV: Actively Exploited

Twilio Authy Information Disclosure Vulnerability

Published Jul 23, 2024·Updated Jul 23, 2024

Description

Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to accept a request containing a phone number and respond with information about whether the phone number was registered with Authy.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free