Lucene search
K

520 matches found

NVD
NVD
added 2026/04/06 9:16 p.m.6 views

CVE-2026-35394

Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls...

8.8CVSS0.00387EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/06 8:52 p.m.2 views

CVE-2026-35394 Mobile Next has Arbitrary Android Intent Execution via mobile_open_url

Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls...

8.3CVSS6.2AI score0.00387EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/06 8:52 p.m.4 views

CVE-2026-35394

Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls...

8.3CVSS6.2AI score0.00387EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/04/06 8:52 p.m.24 views

CVE-2026-35394 Mobile Next has Arbitrary Android Intent Execution via mobile_open_url

Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls...

8.3CVSS0.00387EPSS
Exploits1References1
CVE
CVE
added 2026/04/06 8:52 p.m.38 views

CVE-2026-35394

CVE-2026-35394 relates to Mobile Next MCP server’s mobile_open_url tool, where user-supplied URLs were passed directly to Android’s intent system without scheme validation. The underlying issue allowed execution of arbitrary Android intents (including USSD codes, phone calls, SMS messages, and co...

8.8CVSS6.2AI score0.00387EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.10 views

Mobile Next 安全漏洞

Mobile Next is an open-source mobile application automation development and testing tool developed by Mobile Next. Versions of Mobile Next prior to 0.0.50 contained security vulnerabilities. These vulnerabilities stemmed from the mobileopenurl tool not verifying the URL schemes provided by users,...

8.8CVSS6AI score0.00387EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/04 5:37 a.m.3 views

Improper Authorization in Handler for Custom URL Scheme

Overview @mobilenext/mobile-mcp is a Mobile MCP Affected versions of this package are vulnerable to Improper Authorization in Handler for Custom URL Scheme via the mobileopenurl function. An attacker can execute arbitrary Android intents, such as initiating phone calls, sending SMS messages,...

8.8CVSS6.1AI score0.00387EPSS
Exploits1References2
OSV
OSV
added 2026/04/04 5:37 a.m.4 views

GHSA-5QHV-X9J4-C3VM @mobilenext/mobile-mcp: Arbitrary Android Intent Execution via mobile_open_url

Summary The mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls, SMS messages, and content provider access. Details The vulnerable code pass...

8.3CVSS6.3AI score0.00387EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/04/04 5:37 a.m.8 views

@mobilenext/mobile-mcp: Arbitrary Android Intent Execution via mobile_open_url

Summary The mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls, SMS messages, and content provider access. Details The vulnerable code pass...

8.8CVSS6.3AI score0.00387EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.11 views

PT-2026-30323

Summary The mobile open url tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls, SMS messages, and content provider access. Details The vulnerable code...

8.3CVSS6.3AI score0.00387EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/04/01 5:3 p.m.2 views

CVE-2026-34210

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

8.1CVSS5.8AI score0.00494EPSS
Exploits0References1
OSV
OSV
added 2026/03/31 2:10 p.m.4 views

CVE-2026-34210 mppx has Stripe charge credential replay via missing idempotency check

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

6CVSS5.8AI score0.00494EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/29 12:0 a.m.6 views

PT-2026-28608

Impact The stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new challenge, and the server would accept the replayed Stripe PaymentIntent as a ne...

6CVSS5.9AI score0.00494EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2026/02/10 12:0 a.m.6 views

When Skills Lie: Hidden-Comment Injection in LLM Agents

LLM agents often rely on Skills to describe available tools and recommended procedures. We study a hidden-comment prompt injection risk in this documentation layer: when a Markdown Skill is rendered to HTML, HTML comment blocks can become invisible to human reviewers, yet the raw text may still b...

5.5AI score
Exploits0
CVE
CVE
added 2026/01/16 9:23 a.m.20 views

CVE-2025-14844

The CVE refers to the WordPress Membership Plugin – Restrict Content (versions through 3.2.16) with Missing Authentication to Insecure Direct Object Reference and Sensitive Information Exposure. The flaw resides in rcp_stripe_create_setup_intent_for_saved_card where there is no proper capability ...

8.2CVSS5.3AI score0.00419EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.5 views

CVE-2023-43955

The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData...

9.8CVSS7.5AI score0.01262EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/22 7:21 a.m.18 views

CVE-2025-13427

An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific AP...

6.9CVSS7.1AI score0.0034EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 10:15 p.m.11 views

CVE-2025-13427

An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific AP...

6.9CVSS0.0034EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 9:57 p.m.3 views

CVE-2025-13427 Authentication Bypass in Dialogflow CX Messenger

An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific AP...

6.9CVSS6.7AI score0.0034EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.9 views

PT-2025-52356

Name of the Vulnerable Software and Affected Versions Google Cloud Dialogflow CX Messenger versions prior to August 20th, 2025 Description An authentication bypass issue in Google Cloud Dialogflow CX Messenger permitted unauthorized users to interact with restricted chat agents. This allowed acce...

6.9CVSS6.5AI score0.0034EPSS
Exploits0References4
Rows per page
Query Builder