CVE-2026-9123

Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: Medium...

CVE-2026-8564

Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-3291 Samsung Print Service Plugin – Potential Information Disclosure

Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

CVE-2026-5682

CVE-2026-5682 affects Meesho Online Shopping App (Android) in the com.meesho.supply component, specifically an unknown function in /api/endpoint. The issue arises from manipulation that leads to a risky cryptographic algorithm. Attack surface is remote, with high complexity required for exploitat...

PT-2026-25752

A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on Android. This affects an unknown function of the file file app/babychakra/babychakra/Configuration.java of the component app.babychakra.babychakra. Performing a manipulation of the argument SEGMENT WRITE...

CVE-2026-0385

Microsoft Edge Chromium-based for Android Spoofing Vulnerability...

EUVD-2026-9829

Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop modules allows Sniffing Attacks. This vulnerability is associated with program files src/hbbshttp/sync.Rs and program routine...

EUVD-2025-208224

Cleartext Storage of Sensitive Information CWE-312 in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration. This issue affects Command Centre Mobile...

PT-2026-22746

Name of the Vulnerable Software and Affected Versions Tuya App and SDK version 24.07.11 Description A denial of service condition exists in Tuya App and SDK. The issue affects an unknown functionality within the JSON Data Point Handler component. Manipulation of the cruise time argument can lead ...

ElysiumVanguard

🌌 Elysium Vanguard: TITAN v13.0 Hardware-Bridged Kernel E...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002740)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002740 advisory. In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated...

CVE-2021-0492

In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID:...

UBUNTU-CVE-2025-32900

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...

CVE-2025-32898

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 5...

CVE-2025-61116

AdForest - Classified Android App version 4.0.12 package name scriptsbundle.adforest, developed by Muhammad Jawad Arshad, contains an improper access control vulnerability in its authentication mechanism. The app uses a Base64-encoded email address as the authorization credential, which can be...

CVE-2025-11717

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability was fixed in Firefox 144...

EUVD-2025-34195

When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event This vulnerability affects Firefox 144...

EUVD-2020-1733

Malware in sbrugna...

EUVD-2021-10897

Malware in sbrugna...

EUVD-2025-27221

Malicious code in bioql PyPI...