Vulnerability Description
In mObywatel iOS application an unauthorized user can use the App Switcher to view the account owner's personal information in the minimized app window, even after the login session has ended (reopening the app would require the user to log in). The data exposed depends on the last application view displayed before the application was minimized This issue was fixed in version 4.71.0
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-11598?
CVE-2025-11598 is a documented vulnerability. In mObywatel iOS application an unauthorized user can use the App Switcher to view the account owner's personal information in the minimized app window, even after the login session has ended (reopeni...
How severe is CVE-2025-11598?
CVSS scoring is not yet available for CVE-2025-11598. Check NVD for updates.
Is there a patch for CVE-2025-11598?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.