CVE-2026-4217 XREAL Nebula App ai.nreal.nebula.universal CloudStoragePlugin.java credentials storage

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

CVE-2026-4217

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

CVE-2026-4217 XREAL Nebula App ai.nreal.nebula.universal CloudStoragePlugin.java credentials storage

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

CVE-2026-4216 i-SENS SmartLog App air.SmartLog.android hard-coded credentials

A weakness has been identified in i-SENS SmartLog App up to 2.6.8 on Android. This affects an unknown function of the component air.SmartLog.android. This manipulation causes hard-coded credentials. The attack can only be executed locally. The exploit has been made available to the public and cou...

CVE-2026-4216 i-SENS SmartLog App air.SmartLog.android hard-coded credentials

A weakness has been identified in i-SENS SmartLog App up to 2.6.8 on Android. This affects an unknown function of the component air.SmartLog.android. This manipulation causes hard-coded credentials. The attack can only be executed locally. The exploit has been made available to the public and cou...

CVE-2026-4216

The CVE-2026-4216 entry concerns the i-SENS SmartLog App (air.SmartLog.android) for Android up to version 2.6.8. The vulnerability arises from a developer-mode function used during Bluetooth pairing configuration, which permits hard-coded credentials to be exposed. Impact is described as partial ...

CVE-2026-4216

A weakness has been identified in i-SENS SmartLog App up to 2.6.8 on Android. This affects an unknown function of the component air.SmartLog.android. This manipulation causes hard-coded credentials. The attack can only be executed locally. The exploit has been made available to the public and cou...

CVE-2026-20993

Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information...

CVE-2026-20993

Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information...

CVE-2026-20993

Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information...

CVE-2026-20990

CVE-2026-20990 stems from an improper export of Android app components in Samsung Secure Folder prior to the SMR Mar-2026 Release 1, enabling local attackers to launch arbitrary activities with Secure Folder privilege. The issue is described as a local-privilege escalation due to component export...

CVE-2026-20990

Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...

CVE-2026-20990

Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...

CVE-2026-20990

Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...

PT-2026-25752

A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on Android. This affects an unknown function of the file file app/babychakra/babychakra/Configuration.java of the component app.babychakra.babychakra. Performing a manipulation of the argument SEGMENT WRITE...

PT-2026-25760

A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the component app.lanacion.activity. Executing a manipulation of the argument API KEY WEBSOCKET CV can lead to unprotected storage ...

PT-2026-25771

A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutter assets/assets/credentials.json of the component ai.citydata.citychat. Executing a manipulation can lead to unprotected stora...

PT-2026-25618

A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1.0.2 on Android. Affected by this vulnerability is an unknown functionality of the file com/index/event/BuildConfig.java of the component ae.index.apgcs. Executing a manipulation of the argument ACCESS...

PT-2026-25613

A weakness has been identified in i-SENS SmartLog App up to 2.6.8 on Android. This affects an unknown function of the component air.SmartLog.android. This manipulation causes hard-coded credentials. The attack can only be executed locally. The exploit has been made available to the public and cou...

PT-2026-25614

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...