Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.4 views

CVE-2026-35394

Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls...

8.8CVSS6.2AI score0.00387EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2026/04/04 5:37 a.m.5 views

@waigenie/mobile-mcp (=0.0.16) potentially affected by CVE-2026-35394 via @mobilenext/mobile-mcp (=0.0.12)

@mobilenext/mobile-mcp NPM version =0.0.12 is affected by a known vulnerability. The following packages have a transitive dependency on @mobilenext/mobile-mcp and may be impacted: - @waigenie/mobile-mcp =0.0.16 Source cves: CVE-2026-35394 Source advisory: SNYK:JS-MOBILENEXTMOBILEMCP-15918166...

8.8CVSS5.8AI score0.00387EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/04 5:37 a.m.4 views

@waigenie/mobile-mcp (=0.0.16) potentially affected by CVE-2026-35394 via @mobilenext/mobile-mcp (=0.0.12)

@mobilenext/mobile-mcp NPM version =0.0.12 is affected by a known vulnerability. The following packages have a transitive dependency on @mobilenext/mobile-mcp and may be impacted: - @waigenie/mobile-mcp =0.0.16 Source cves: CVE-2026-35394 Source advisory: OSV:GHSA-5QHV-X9J4-C3VM...

8.8CVSS5.8AI score0.00387EPSS
Exploits1
Circl
Circl
added 2026/04/02 11:4 a.m.6 views

CVE-2026-35394

creationtimestamp| type| source ---|---|--- 2026-04-02 11:04:41+00:00| published-proof-of-concept| https://github.com/mobile-next/mobile-mcp/security/advisories/GHSA-5qhv-x9j4-c3vm 2026-04-06 23:07:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miuexqa2cz25 2026-04-06...

8.8CVSS5.7AI score0.00387EPSS
Exploits1References3
Rows per page
Query Builder