CVE-2025-52571 Information

Description

Hikka is a Telegram userbot. A vulnerability affects all users of versions below 1.6.2 including most of the forks. It allows an unauthenticated attacker to gain access to Telegram account of a victim as well as full access to the server. The issue is patched in version 1.6.2. No known workarounds are available.

Reference

https://github.com/hikariatama/Hikka/commit/9a0e4b1b387ef828c345c43d990421d5afcff5f6 https://github.com/hikariatama/Hikka/security/advisories/GHSA-vwpq-wm8w-44wf

Related CNNVD

CNNVD-202506-3116 (Published: 2025-06-24)