{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T15:18:21.998","vulnerabilities":[{"cve":{"id":"CVE-2025-41459","sourceIdentifier":"a341c0d1-ebf7-493f-a84e-38cf86618674","published":"2025-07-21T11:15:23.810","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient protection against brute-force and runtime manipulation in the local authentication component in Two App Studio Journey 5.5.6 on iOS allows local attackers to bypass biometric and PIN-based access control via repeated PIN attempts or dynamic code injection."},{"lang":"es","value":"La protección insuficiente contra la fuerza bruta y la manipulación en tiempo de ejecución en el componente de autenticación local en Two App Studio Journey 5.5.6 en iOS permite a los atacantes locales eludir el control de acceso biométrico y basado en PIN a través de repetidos intentos de PIN o inyección de código dinámico."}],"metrics":{"cvssMetricV31":[{"source":"a341c0d1-ebf7-493f-a84e-38cf86618674","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"a341c0d1-ebf7-493f-a84e-38cf86618674","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://www.cirosec.de/sa/sa-2025-006","source":"a341c0d1-ebf7-493f-a84e-38cf86618674"}]}}]}