This page aggregates publicly disclosed CVE and security risk information related to tinxy, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-44619 | Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication. | [email protected] | 9.1 | 0.36% | 2025-05-30 | 2025-07-22 |
| CVE-2025-44614 | Tinxy WiFi Lock Controller v1 RF was discovered to store users' sensitive information, including credentials and mobile phone numbers, in plaintext. | [email protected] | 7.5 | 0.17% | 2025-05-30 | 2025-07-22 |
| CVE-2025-44612 | Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext, including control information and device credentials, allowing attackers to possibly intercept and access sensitive information via a man-in-the-middle attack. | [email protected] | 5.9 | 0.17% | 2025-05-30 | 2025-07-22 |
| CVE-2020-9438 | Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock request that occurred when the attacker was previously authorized. In other words, door-access revocation is mishandled. | [email protected] | 5.9 | 0.67% | 2020-06-23 | 2024-11-21 |