CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2026/03/19 12:0 a.m.•7 views

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability (CNVD-2026-17493)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A spoofing vulnerability exists in Microsoft Edge Chromium-based for Android, which can be exploited by attackers to perform spoofing attacks...

5CVSS5.8AI score0.00239EPSS

Schneier on Security•added 2026/03/18 11:7 a.m.•4 views

Meta’s AI Glasses and Privacy

Surprising no one, Meta's new AI glasses are a privacy disaster. I'm not sure what can be done here. This is a technology that will exist, whether we like it or not. Meanwhile, there is a new Android app that detects when there are smart glasses nearby...

5.8AI score

Malwarebytes•added 2026/03/17 9:59 a.m.•4 views

Google cracks down on Android apps abusing accessibility

Google just dropped a bombshell for app developers with the latest version of its Android mobile operating system. The company can now prevent apps from installing if they try to use the system's accessibility features. The new development, live in version 17.2 of Android, is all about security,...

5.9AI score

EUVD•added 2026/03/16 6:32 p.m.•4 views

EUVD-2026-12453

A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android. Affected is an unknown function of the file resources/assets/service-account.json of the component Google Cloud Service Account Key Handler. Performing a manipulation results in unprotected...

2.5CVSS4.8AI score0.00099EPSS

NVD•added 2026/03/16 4:16 p.m.•4 views

CVE-2026-4250

2.5CVSS0.00099EPSS

Cvelist•added 2026/03/16 4:2 p.m.•28 views

CVE-2026-4251 CityData CityChat ai.citydata.citychat credentials.json credentials storage

A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutterassets/assets/credentials.json of the component ai.citydata.citychat. Executing a manipulation can lead to unprotected storag...

2.5CVSS0.00097EPSS

Vulnrichment•added 2026/03/16 4:2 p.m.•6 views

CVE-2026-4251 CityData CityChat ai.citydata.citychat credentials.json credentials storage

2.5CVSS4.9AI score0.00097EPSS

CVE•added 2026/03/16 4:2 p.m.•5 views

CVE-2026-4251

CVE-2026-4251 – CityData CityChat (Android, up to 0.12.6) Vulnerability in the internal credentials storage: an affected component is the file path resources/assets/flutter_assets/assets/credentials.json within ai.citydata.citychat. Exploitation requires local access with high complexity, and cou...

2.5CVSS4.9AI score0.00097EPSS

Cvelist•added 2026/03/16 3:32 p.m.•30 views

CVE-2026-4250 Albert Sağlık Hizmetleri ve Ticaret Albert Health Google Cloud Service Account Key service-account.json credentials storage

2.5CVSS0.00099EPSS

Vulnrichment•added 2026/03/16 3:32 p.m.•4 views

CVE-2026-4250 Albert Sağlık Hizmetleri ve Ticaret Albert Health Google Cloud Service Account Key service-account.json credentials storage

2.5CVSS4.8AI score0.00099EPSS

2.5CVSS5.1AI score0.00107EPSS

EUVD-2026-12449

A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the component app.lanacion.activity. Executing a manipulation of the argument APIKEYWEBSOCKETCV can lead to unprotected storage of...

EUVD•added 2026/03/16 3:30 p.m.•2 views

EUVD-2026-12447

A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on Android. This affects an unknown function of the file file app/babychakra/babychakra/Configuration.java of the component app.babychakra.babychakra. Performing a manipulation of the argument SEGMENTWRITEKE...

2.5CVSS4.8AI score0.00099EPSS

2.5CVSS5AI score0.00097EPSS

EUVD-2026-12337

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

EUVD•added 2026/03/16 3:30 p.m.•4 views

EUVD-2026-12339

A vulnerability was detected in myAEDES App up to 1.18.4 on Android. Affected is an unknown function of the file aedes/me/beta/utils/EngageBayUtils.java of the component aedes.me.beta. Performing a manipulation of the argument AUTHKEY results in information disclosure. The attack is only possible...

2.5CVSS5AI score0.00132EPSS

4.8CVSS5.3AI score0.00104EPSS

EUVD-2026-12353

A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1.0.2 on Android. Affected by this vulnerability is an unknown functionality of the file com/index/event/BuildConfig.java of the component ae.index.apgcs. Executing a manipulation of the argument...

5.3CVSS5.3AI score0.00103EPSS

EUVD-2026-12335

A weakness has been identified in i-SENS SmartLog App up to 2.6.8 on Android. This affects an unknown function of the component air.SmartLog.android. This manipulation causes hard-coded credentials. The attack can only be executed locally. The exploit has been made available to the public and cou...