Twilio Authy Authenticator
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Twilio Authy Authenticator.
By the Year
In 2026 there have been 0 vulnerabilities in Twilio Authy Authenticator. Authy Authenticator did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 5.30 |
It may take a day or so for new Authy Authenticator vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Twilio Authy Authenticator Security Vulnerabilities
Authy API: Unauth Endpoint Exposes Phone # Data (Android <25.1.0 / iOS <26.1.0)
CVE-2024-39891
5.3 - Medium
- July 02, 2024
In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. Specifically, the endpoint accepted a stream of requests containing phone numbers, and responded with information about whether each phone number was registered with Authy. (Authy accounts were not compromised, however.)
Side Channel Attack
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Twilio Authy Authenticator or by Twilio? Click the Watch button to subscribe.
