CVE-2024-39891CISA KEVEPSS p70.5%
CVE-2024-39891Twilio Authy Information Disclosure Vulnerability
Twilio / Authy
Description
Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to accept a request containing a phone number and respond with information about whether the phone number was registered with Authy.
Scoring
| EPSS | 1.48% probability of exploitation · percentile 70.5% · 2026-06-18T12:00:27Z |
CISA KEV entry
Added to KEV: 2024-07-23
(incoming)1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| KEVEntry | Twilio Authy Information Disclosure Vulnerabilitykev-cve-2024-39891 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.