CVE-2025-13476
Rakuten Viber uses broken or risky cryptographic Algorithm
CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th
Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)
| Vendor | rakuten viber |
| Product | rakuten viber cloak - android |
| Published | Mar 5, 2026 |
| Last Updated | Mar 6, 2026 |
Stay Ahead of the Next One
Get instant alerts for rakuten viber rakuten viber cloak - android
Be the first to know when new critical vulnerabilities affecting rakuten viber rakuten viber cloak - android are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Rakuten Viber / Rakuten Viber Cloak - Android
25.7.2.0g < 27.2.0.0g
Rakuten Viber / Rakuten Viber Cloak - Windows
v25.6.0.0 < v27.3.0.0