This page aggregates publicly disclosed CVE and security risk information related to tinxy, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-44619 | Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication. | [email protected] | 9.1 | 0.36% | 2025-05-29 | 2026-06-17 |
| CVE-2025-44614 | Tinxy WiFi Lock Controller v1 RF was discovered to store users' sensitive information, including credentials and mobile phone numbers, in plaintext. | [email protected] | 7.5 | 0.17% | 2025-05-29 | 2026-06-17 |
| CVE-2025-44612 | Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext, including control information and device credentials, allowing attackers to possibly intercept and access sensitive information via a man-in-the-middle attack. | [email protected] | 5.9 | 0.17% | 2025-05-29 | 2026-06-17 |
| CVE-2020-9438 | Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock request that occurred when the attacker was previously authorized. In other words, door-access revocation is mishandled. | [email protected] | 5.9 | 0.67% | 2020-06-23 | 2026-06-16 |