What is CVE-2025-70994?

CVE-2025-70994 is a vulnerability in N/a. Published 2026-04-23.

Is CVE-2025-70994 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2025-70994

Yadea T5 Electric Bicycles (models manufactured in/after 2024) have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic ch…

EPSS: 0.000 (15.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ktauchathuranga/CVE-2025-70994

References

github.com/ktauchathuranga/ghost-keys
github.com/ktauchathuranga/CVE-2025-70994

Frequently asked questions

What is CVE-2025-70994?: CVE-2025-70994 is a vulnerability in N/a. Published 2026-04-23.
Is CVE-2025-70994 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.