ChatGPT
- Known vulnerabilities
- 0
- Still open
- 0
- KEV open
- 0
- Max CVSS score
- —
Cumulative exposure
Low
Aggregates open CVEs (40%) + KEV (30%) + critical shared permissions (15%) + trackers (10%) + OS EOL (5%). Higher score = more exposed.
-
Open CVEs +0/+50
0 open CVEs, max CVSS 0.0, EPSS 0%
-
Active KEVs +0/+35
0 CISA KEVs still open
-
Permissions +0/+10
0 critical shared permission(s)
-
Trackers +0/+8
0 identification/profiling tracker(s)
-
EOL OS +0/+5
Installed OS is end-of-life
Based on permissions only: no CVE data referenced for this app.
Known vulnerabilities (CVE)
No CVE is currently referenced in NVD for this app on its platform.
The absence of CVEs is not a security guarantee — it can also mean nobody has audited or published findings.
Privacy Score
Respectful
Composite: 40% critical shared + 30% high shared + 20% high collected + 10% sensitive density.
-
Critical shared 0/-40
0 critical shared
-
High shared 0/-30
0 high + 0 medium shared
-
High collected -8/-20
1 high + 5 medium collected
1 high : Other in-app messages
5 moderate : App interactions and Other user-generated content, Approximate location, Address, Email address, Phone number
-
Sensitive density 0/-10
9% sensitive
Context
Context
Description
Your AI assistant for writing, search, image generation, and more
Data collected and shared
Source: Play Store Data Safety · 11 data item(s) declared
Indicative classification based on data sensitivity. "Shared" = transmitted to third parties (publisher-declared).
FAQ
FAQ: ChatGPT
Why are no CVEs listed for ChatGPT?
No CVE is currently referenced in NVD for ChatGPT (com.openai.chatgpt) with a Android CPE configuration. Either none has been publicly disclosed, or none has been mapped yet. Absence of a CVE is not a security guarantee.
What is the latest known version of ChatGPT?
The most recent version of ChatGPT (com.openai.chatgpt) tracked by Appaloosa Scout is 1.2026.153, published by OpenAI.