CVE-2021-23827
Severity: MEDIUM
Keybase < 5.6.0 (Windows/macOS) < 5.6.1 (Linux) - Cleartext Storage of Sensitive Media in Cache and Uploadtemps
Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker.
References (3)
Release Notes, Third Party Advisory (x_refsource_misc): https://github.com/keybase/client/releases
Exploit, Third Party Advisory (x_refsource_misc): https://johnjhacking.com/blog/cve-2021-23827/
Exploit, Issue Tracking, Third Party Advisory (x_refsource_misc): https://hackerone.com/reports/1074930
Scores
CVSS v3: 5.5
EPSS: 0.0030
EPSS Percentile: 21.0%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE: CWE-312
Status: published
Products (2)
keybase/keybase < 5.6.0
keybase/keybase < 5.6.1
Published: Feb 23, 2021
Tracked Since: Feb 18, 2026