Browse all 3 CVE security advisories affecting KaKao. AI-powered Chinese analysis, POCs, and references for each vulnerability.
KaKao operates South Korea's dominant messaging platform with over 50 million users, enabling communication, financial services, and content delivery. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from insecure input handling and insufficient access controls. Notable incidents include a 2021 data breach affecting 29 million users and a 2020 vulnerability allowing unauthorized account access through crafted messages. The platform's broad service integration increases attack surface, with security concerns persisting around third-party app permissions and data protection mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-9673 | Kakao 헤이카카오 Hey Kakao App com.kakao.i.connect AndroidManifest.xml improper export of android application components — 헤이카카오 Hey Kakao AppCWE-926 | 5.3 | Medium | 2025-08-29 |
| CVE-2022-4246 | Kakao PotPlayer MID File denial of service — PotPlayerCWE-404 | 4.3 | Medium | 2022-12-01 |
| CVE-2019-9132 | Kakao KaKaoTalk 输入验证错误漏洞 — Kakaotalk Windows PC Messenger | 8.8 | - | 2019-04-01 |
This page lists every published CVE security advisory associated with KaKao. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.