Telegram Desktop is a free and secure desktop messaging app that syncs with its mobile counterpart. It has a focus on speed and security, allowing users to send messages, photos, videos, and files of any type. The app also supports group chats and channels for broadcasting to unlimited audiences.

Telegram Desktop

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

Telegram Desktop 2.9.2 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized message payload. Attackers can generate a 9 million byte buffer and paste it into the messaging interface to trigger an application crash.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2020-17448	HIGH	7.8	Telegram Desktop	net-im/telegram-desktop	No	Yes	Aug 11, 2020
CVE-2020-12474	MEDIUM	6.5	NixOS	telegram	No	Yes	May 01, 2020
CVE-2021-36769	MEDIUM	5.3	NixOS	telegram-desktop	No	Yes	Jul 17, 2021
CVE-2021-47793	MEDIUM	4.6	Telegram Desktop	cpe:2.3:a:telegram:telegram_desktop	No	No	Jan 16, 2026
CVE-2020-25824	LOW	2.4	Telegram Desktop	net-im/telegram-desktop	No	Yes	Oct 14, 2020

CVE-2021-47793:
Telegram Desktop vulnerability analysis and mitigation

4.6

Related Telegram Desktop vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2021-47793: Telegram Desktop vulnerability analysis and mitigation