1753 matches found
CVE-2026-5456
A vulnerability was identified in Align Technology My Invisalign App 3.12.4 on Android. The impacted element is an unknown function of the file com/aligntech/myinvisalign/BuildConfig.java of the component com.aligntech.myinvisalign.emea. The manipulation of the argument CDAACCESSTOKEN leads to us...
CVE-2026-5462
A vulnerability was identified in Wahoo Fitness SYSTM App up to 7.2.1 on Android. Impacted is an unknown function of the file com/WahooFitness/SYSTM/BuildConfig.java of the component com.WahooFitness.SYSTM. Such manipulation of the argument SEGMENTWRITEKEY leads to use of hard-coded cryptographic...
CVE-2026-5458 Noelse Individuals & Pro App com.afone.noelse BuildConfig.java hard-coded key
A weakness has been identified in Noelse Individuals & Pro App up to 2.1.7 on Android. This impacts an unknown function of the file com/reactnative/antelop/BuildConfig.java of the component com.afone.noelse. This manipulation of the argument SEGMENTWRITEKEY causes use of hard-coded cryptographic...
CVE-2026-5458 Noelse Individuals & Pro App com.afone.noelse BuildConfig.java hard-coded key
A weakness has been identified in Noelse Individuals & Pro App up to 2.1.7 on Android. This impacts an unknown function of the file com/reactnative/antelop/BuildConfig.java of the component com.afone.noelse. This manipulation of the argument SEGMENTWRITEKEY causes use of hard-coded cryptographic...
CVE-2026-5458
CVE-2026-5458 affects Noelse Individuals & Pro App up to v2.1.7 on Android. The vulnerability references an issue in the file path com/reactnative/antelop/BuildConfig.java within the component com.afone.noelse, where manipulation of the argument SEGMENT_WRITE_KEY results in the use of a hard-code...
EUVD-2026-18599
A vulnerability was found in GRID Organiser App up to 1.0.5 on Android. Impacted is an unknown function of the file file res/raw/app.json of the component co.gridapp.organiser. Performing a manipulation of the argument SegmentWriteKey results in use of hard-coded cryptographic key . The attack is...
CVE-2026-5457 PropertyGuru AgentNet Singapore App com.allproperty.android.agentnet BuildConfig.java hard-coded key
A security flaw has been discovered in PropertyGuru AgentNet Singapore App up to 23.7.10 on Android. This affects an unknown function of the file com/allproperty/android/agentnet/BuildConfig.java of the component com.allproperty.android.agentnet. The manipulation of the argument...
CVE-2026-5457
A security flaw has been discovered in PropertyGuru AgentNet Singapore App up to 23.7.10 on Android. This affects an unknown function of the file com/allproperty/android/agentnet/BuildConfig.java of the component com.allproperty.android.agentnet. The manipulation of the argument...
CVE-2026-5457
PropertyGuru AgentNet Singapore App (Android, up to v23.7.10) has a flaw in com.allproperty.android.agentnet.BuildConfig.java where manipulating SEGMENT_ANDROID_WRITE_KEY/SEGMENT_TOS_WRITE_KEY leads to use of a hard-coded cryptographic key. The attack requires local access; the exploit has been r...
CVE-2026-5456
A vulnerability was identified in Align Technology My Invisalign App 3.12.4 on Android. The impacted element is an unknown function of the file com/aligntech/myinvisalign/BuildConfig.java of the component com.aligntech.myinvisalign.emea. The manipulation of the argument CDAACCESSTOKEN leads to us...
CVE-2026-5456 Align Technology My Invisalign App com.aligntech.myinvisalign.emea BuildConfig.java hard-coded key
A vulnerability was identified in Align Technology My Invisalign App 3.12.4 on Android. The impacted element is an unknown function of the file com/aligntech/myinvisalign/BuildConfig.java of the component com.aligntech.myinvisalign.emea. The manipulation of the argument CDAACCESSTOKEN leads to us...
CVE-2026-5456
The CVE-2026-5456 entry affects Align Technology My Invisalign App 3.12.4 on Android, targeting the component com.aligntech.myinvisalign.emea via the file path com/aligntech/myinvisin.../BuildConfig.java (unknown function). The vulnerability arises from manipulation of the argument CDAACCESS_TOKE...
CVE-2026-5453
A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.32.12421 on Android. This issue affects some unknown processing of the file br/com/rico/mobile/di/SegmentSettingsModule.java of the component br.com.rico.mobile. Such manipulation of the argument SEGMENTWRITEKEY leads ...
CVE-2026-5454
The vulnerability CVE-2026-5454 affects GRID Organiser App up to version 1.0.5 on Android, specifically the component co.gridapp.organiser. The issue resides in the file res/raw/app.json where manipulating the SegmentWriteKey leads to use of a hard-coded cryptographic key. This attack requires lo...
CVE-2026-5453
A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.32.12421 on Android. This issue affects some unknown processing of the file br/com/rico/mobile/di/SegmentSettingsModule.java of the component br.com.rico.mobile. Such manipulation of the argument SEGMENTWRITEKEY leads ...
CVE-2026-5452 UCC CampusConnect App campusconnect.ucc BuildConfig.java hard-coded key
A flaw has been found in UCC CampusConnect App up to 14.3.5 on Android. This vulnerability affects unknown code of the file campusconnect/BuildConfig.java of the component campusconnect.ucc. This manipulation causes use of hard-coded cryptographic key . The attack can only be executed locally. Th...
CVE-2026-5452
A flaw has been found in UCC CampusConnect App up to 14.3.5 on Android. This vulnerability affects unknown code of the file campusconnect/BuildConfig.java of the component campusconnect.ucc. This manipulation causes use of hard-coded cryptographic key . The attack can only be executed locally. Th...
PT-2026-29995
A vulnerability was identified in Wahoo Fitness SYSTM App up to 7.2.1 on Android. Impacted is an unknown function of the file com/WahooFitness/SYSTM/BuildConfig.java of the component com.WahooFitness.SYSTM. Such manipulation of the argument SEGMENT WRITE KEY leads to use of hard-coded cryptograph...
PT-2026-29986
A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.32.12421 on Android. This issue affects some unknown processing of the file br/com/rico/mobile/di/SegmentSettingsModule.java of the component br.com.rico.mobile. Such manipulation of the argument SEGMENT WRITE KEY lead...
OpenClaw: Arbitrary code execution via unvalidated WebView JavascriptInterface
Summary Android Canvas WebView pages from untrusted origins could invoke the JavascriptInterface bridge and inject instructions into the app. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...