In addition to monetary rewards given out within the Yandex Bug Bounty and adding winners to the Hall of Fame, we issue CVEs for researchers to express public gratitude to them.
CVE
Description
Researcher
Fixed in
CVE-2024-12168
Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used.
PT SWARM experts, Positive Technologies
2.7.0
Wed May 28 2025 19:59:21 GMT+0300 (Moscow Standard Time)