VULHUB ™

It is reported that Yeemp does not properly verify public keys when a file is transferred. Yeemp clients are assigned public keys and Yeemp uses public keys to authenticate users and encrypt messages. Reportedly, the application does not verify keys on incoming files. Due to this, remote attackers are able to spoof sender information and send potentially malicious files to users. Yeemp versions 0.9.9 and earlier are affected by this issue.

It is reported that Yeemp does not properly verify public keys when a file is transferred. Yeemp clients are assigned public keys and Yeemp uses public keys to authenticate users and encrypt messages. Reportedly, the application does not verify keys on incoming files. Due to this, remote attackers are able to spoof sender information and send potentially malicious files to users. Yeemp versions 0.9.9 and earlier are affected by this issue.