{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T20:17:54.986","vulnerabilities":[{"cve":{"id":"CVE-2025-52571","sourceIdentifier":"security-advisories@github.com","published":"2025-06-24T20:15:26.213","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Hikka is a Telegram userbot. A vulnerability affects all users of versions below 1.6.2, including most of the forks. It allows an unauthenticated attacker to gain access to Telegram account of a victim, as well as full access to the server. The issue is patched in version 1.6.2. No known workarounds are available."},{"lang":"es","value":"Hikka es un bot de usuario de Telegram. Una vulnerabilidad afecta a todos los usuarios de versiones anteriores a la 1.6.2, incluyendo la mayoría de las bifurcaciones. Permite a un atacante no autenticado acceder a la cuenta de Telegram de la víctima, así como a todo el servidor. El problema está corregido en la versión 1.6.2. No se conocen soluciones alternativas."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://github.com/hikariatama/Hikka/commit/9a0e4b1b387ef828c345c43d990421d5afcff5f6","source":"security-advisories@github.com"},{"url":"https://github.com/hikariatama/Hikka/security/advisories/GHSA-vwpq-wm8w-44wf","source":"security-advisories@github.com"}]}}]}