vulnerability
Zoom Zoom: CVE-2022-22779: Retained exploded messages in Keybase clients for macOS and Windows
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Feb 8, 2022 | Nov 14, 2023 | Feb 9, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Feb 8, 2022
Added
Nov 14, 2023
Modified
Feb 9, 2026
Description
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem.Users can help keep themselves secure by applying current updates or downloading the latest Keybase software with all current security updates fromhttps://keybase.io/download.
Solution
zoom-zoom-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.