EUVD-2025-210155

An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...

EUVD-2026-36669

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment...

CVE-2025-68713

An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...

CVE-2026-12190

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment...

SUSE CVE-2026-12028

Use after free in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-12030

CVE-2026-12030: Out-of-bounds write in Chrome’s GPU code on Android (pre-149.0.7827.115) potentially enables a sandbox escape when a renderer process is compromised via a crafted HTML page. Affected: Google Chrome for Android; impact: high. Exploitation requires renderer access; remediation: Goog...

CVE-2026-42835

Microsoft Teams for Android contains a vulnerability described as improper neutralization of special elements in output used by a downstream component ('injection'), enabling an authorized attacker to disclose information over a network. Affected software: Microsoft Teams for Android. Root cause:...

PT-2026-47803

Name of the Vulnerable Software and Affected Versions Zoom Workplace versions prior to 7.0.4 for Android Zoom Workplace versions prior to 7.0.3 for iOS Description Improper authorization in the handler for custom URL schemes allows an unauthenticated user to perform an escalation of privilege via...

SUSE CVE-2026-10932

Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-11080

Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11411 iAI Lab PDF AI App chatpdf.pro getExternalCacheDir path traversal

A security flaw has been discovered in iAI Lab PDF AI App 4.21.0 on Android. Impacted is the function getExternalCacheDir of the component chatpdf.pro. Performing a manipulation of the argument displayname results in path traversal. The attack requires a local approach. The exploit has been...

DEBIAN-CVE-2026-11263

Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

Linux Distros Unpatched Vulnerability : CVE-2026-10934

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially...

Linux Distros Unpatched Vulnerability : CVE-2026-11163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HT...

Linux Distros Unpatched Vulnerability : CVE-2026-11119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to...

CVE-2026-11029

Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2026-10953

Use after free in Core in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11291

Inappropriate implementation in Android Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

CVE-2026-11064

Race in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by improper implementation of the Cronet component in the Android version. This vulnerability could allow remote attackers to perform domai...