EUVD-2026-13808

ArcSearch for Android versions prior to 1.12.7 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

CVE-2026-2378

ArcSearch for Android versions prior to 1.12.7 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

EUVD-2026-13445

Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

Cryptomator 安全漏洞

Cryptomator is a simple digital self-defense tool from the Cryptomator community. Versions of Cryptomator prior to 1.12.3 contained security vulnerabilities, which were due to insufficient integrity checks in the Android system. These vulnerabilities could lead to man-in-the-middle attacks and...

PT-2026-26659

Cryptomator for Android offers multi-platform transparent client-side encryption for files in the cloud. Prior to version 1.12.3, an integrity check vulnerability allows an attacker tamper with the vault configuration file leading to a man-in-the-middle vulnerability in Hub key loading mechanism...

PT-2026-26680

CVE-2026-2378 ArcSearch for Android versions prior to 1.12.7 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after use… https://t.co/bicqMxffCH...

CVE-2026-4251 CityData CityChat ai.citydata.citychat credentials.json credentials storage

A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutterassets/assets/credentials.json of the component ai.citydata.citychat. Executing a manipulation can lead to unprotected storag...

CVE-2026-4243

A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the component app.lanacion.activity. Executing a manipulation of the argument APIKEYWEBSOCKETCV can lead to unprotected storage of...

CVE-2026-4242 BabyChakra Pregnancy & Parenting App app.babychakra.babychakra Configuration.java credentials storage

A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on Android. This affects an unknown function of the file file app/babychakra/babychakra/Configuration.java of the component app.babychakra.babychakra. Performing a manipulation of the argument SEGMENTWRITEKE...

PT-2026-25614

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

PT-2026-25613

A weakness has been identified in i-SENS SmartLog App up to 2.6.8 on Android. This affects an unknown function of the component air.SmartLog.android. This manipulation causes hard-coded credentials. The attack can only be executed locally. The exploit has been made available to the public and cou...

SUSE CVE-2026-3925

Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-11462

Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-3936

Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

Google Chrome on Android 资源管理错误漏洞

Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome WebView that originates from re-referencing or using freed memory, which can be exploited by remote attackers to execute arbitrary code...

PT-2026-24880

🚨 CVE-2026-3932 Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium 🎖@cveNotify...

Exploit for Deserialization of Untrusted Data in Google Android

🔥 ZygoteExploitDemo - CVE-2024-31317 Android Security Lab...

Google Android Denial of Service Vulnerability (CNVD-2026-14647)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a denial of service vulnerability that stems from improper input validation in multiple locations, which can be exploited by an attacker to cause a denial of service...

Google Android elevation of privilege vulnerability (CNVD-2026-14644)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in multiple functions of TaskFragmentOrganizerController.java, which can be exploited by an attacker to elevate privileg...

CVE-2026-30791

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...