CVE-2026-4217
CVE-2026-4217 affects XREAL Nebula App up to version 3.2.1 on Android. The vulnerability resides in ai.nreal.nebula.universal’s CloudStoragePlugin.java (ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java) where manipulation of accessKey/secretAccessKey/securityToken can lead to unprotected sto...