Lovence is known for its choice of remote vibrators. This is a massive security issue that exposes user emails and allows hackers to take over the account completely without passwords. Fortunately, both of these problems have been solved, but without drama, it didn’t happen.
As The story is goneSecurity researcher Bobdahacker (in some help) unexpectedly discovered that you can easily discover the user’s email address by muting someone in the app. From there, they can figure out that you can do this with any user account, effectively revealing every Lovese user’s email without much effort.
DISORD user data leaks in hacker forums violated third-party service disputes
With email, valid gtokens can be generated without a password, giving hackers full access to a person’s cute account without passwords. The researchers told Lovence the problem in late March and were told that the fix was coming in.
Mixable light speed
In June 2025, Lovence told researchers that the fix would take 14 months to implement because it did not want to force older users to upgrade the app. Partial fixes are implemented over time and can only partially resolve the issue. On July 28, researchers released an update showing Lovese is still leaking emails and exposed more than 11 million user accounts.
“We could have easily collected emails from any public username list,” Bobdahacker said in a blog post. “This is especially bad for the CAM model that publicly shares their username but obviously doesn’t want their personal emails to be exposed.”
Then the news began News cycle. Other researchers have begun to lend a hand, suggesting that the vulnerability was actually known as early as 2022, and Lovence closed the issue without publishing it. After another two days in the news cycle, the sex toy company finally launched a fix for the two vulnerabilities on July 30.
This is not Loveense’s first volume in the mud. In 2017, the company’s app was captured as well-known pants Display as record user When they use apps and toys. Lovence also solved the problem, stating that the audio data was never sent to its server.
theme
Application and software sex toys
