CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

75475 matches found

ATTACKERKB•added 2026/04/03 3:45 p.m.•3 views

CVE-2026-5471

A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on Android. Impacted is an unknown function of the file assets/google-services-desktop.json of the component app.investory.toyfactory. The manipulation of the argument currentkey results in use of hard-coded cryptographi...

4.8CVSS5.5AI score0.00141EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/04/03 3:45 p.m.•21 views

CVE-2026-5471 Investory Toy Planet Trouble App app.investory.toyfactory google-services-desktop.json hard-coded key

4.8CVSS0.00141EPSS

Exploits0References4

CVE•added 2026/04/03 3:45 p.m.•5 views

CVE-2026-5471

Investory Toy Planet Trouble App (Android) up to v1.5.5 is affected by CVE-2026-5471 in the component app.investory.toyfactory, specifically the file assets/google-services-desktop.json. The issue arises from manipulation of the argument current_key, leading to the use of a hard-coded cryptograph...

4.8CVSS5.5AI score0.00141EPSS

Exploits0References4

EUVD•added 2026/04/03 9:30 a.m.•3 views

EUVD-2026-18603

A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affected element is an unknown function of the file file res/raw/config.json of the component ca.diagram.dialogue. Executing a manipulation of the argument SEGMENTWRITEKEY can lead to use of hard-coded cryptographic key...

4.8CVSS5.4AI score0.00106EPSS

Exploits0References5

EUVD•added 2026/04/03 9:30 a.m.•3 views

EUVD-2026-18605

A vulnerability was identified in Align Technology My Invisalign App 3.12.4 on Android. The impacted element is an unknown function of the file com/aligntech/myinvisalign/BuildConfig.java of the component com.aligntech.myinvisalign.emea. The manipulation of the argument CDAACCESSTOKEN leads to us...

4.8CVSS5.5AI score0.00105EPSS

Exploits0References5

EUVD•added 2026/04/03 9:30 a.m.•4 views

EUVD-2026-18607

A security flaw has been discovered in PropertyGuru AgentNet Singapore App up to 23.7.10 on Android. This affects an unknown function of the file com/allproperty/android/agentnet/BuildConfig.java of the component com.allproperty.android.agentnet. The manipulation of the argument...

4.8CVSS5.4AI score0.00144EPSS

Exploits0References5

EUVD•added 2026/04/03 9:30 a.m.•3 views

EUVD-2026-18613

A vulnerability was identified in Wahoo Fitness SYSTM App up to 7.2.1 on Android. Impacted is an unknown function of the file com/WahooFitness/SYSTM/BuildConfig.java of the component com.WahooFitness.SYSTM. Such manipulation of the argument SEGMENTWRITEKEY leads to use of hard-coded cryptographic...

4.8CVSS5.6AI score0.00156EPSS

Exploits0References5

EUVD•added 2026/04/03 9:30 a.m.•3 views

EUVD-2026-18611

A weakness has been identified in Noelse Individuals & Pro App up to 2.1.7 on Android. This impacts an unknown function of the file com/reactnative/antelop/BuildConfig.java of the component com.afone.noelse. This manipulation of the argument SEGMENTWRITEKEY causes use of hard-coded cryptographic...

4.8CVSS5.4AI score0.00144EPSS

Exploits0References5

The Hacker News•added 2026/04/03 9:10 a.m.•8 views

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems. The malware has been found to conceal itself within seemingly benign apps, su...

6AI score

Exploits0