Sanojwr

**Name of the Vulnerable Software and Affected Versions** wire-webapp versions prior to 2025-05-14-production.0 **Description** A regression issue in the function to delete local data causes the client's local database not to be deleted upon user logout, even when instructed to do so. This affects both temporary clients and regular clients attempting to delete personal information and conversations. Access to the machine is required to access the data, and if encryption-at-rest is used, cryptographic material cannot be exported. **Recommendations** For versions prior to 2025-05-14-production.0, manually delete the database on devices where the option "This is a public computer" was used prior to login or a logout with the request to delete local data has happened before. Update to wire-webapp version 2025-05-14-production.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** wire-avs versions prior to 9.2.22 wire-avs versions prior to 9.3.5 **Description** A remote format string issue could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. **Recommendations** For versions prior to 9.2.22, update to version 9.2.22 or later. For versions prior to 9.3.5, update to version 9.3.5 or later.