CVE-2019-12366

The Nine application through 4.5.3a for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READEXTERNALSTORAGE permission...

CVE-2024-2300

HP Advance Mobile Applications for iOS and Android are potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices...

CVE-2025-1629

A vulnerability was found in Excitel Broadband Private my Excitel App 3.13.0 on Android. It has been classified as problematic. Affected is an unknown function of the component One-Time Password Handler. The manipulation leads to improper restriction of excessive authentication attempts. The vend...

CVE-2025-1558

Mattermost Mobile Apps versions =2.25.0 fail to properly validate GIF images prior to rendering which allows a malicious user to cause the Android application to crash via message containing a maliciously crafted GIF...

CVE-2022-27837

A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R11.0 and 13.0.1.1 in Android S12.0 allows attacker to access the file with system privilege...

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perform spoofing over a network...

PT-2026-1836

Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description The user interface in Microsoft Edge for Android exhibits a misrepresentation of critical information, potentially enabling an authorized attacker to conduct spoofing attac...

KLA90843 SUI vulnerability in Microsoft Browser

A spoofing vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2025-62224 Related products Microsoft-Edge CVE list CVE-2025-62224 warning KB list Solution Install necessary updates from the Settings and more...

Microsoft Edge for Android 安全漏洞

Microsoft Edge for Android is a browser for Android from Microsoft Corporation, USA. A security vulnerability exists in Microsoft Edge for Android that stems from improper representation of critical information in the user interface, which could lead to a network spoofing attack...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000291)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000291 advisory. In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000286)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000286 advisory. In uvcparsestandardcontrol of uvcdriver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure wi...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000488)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000488 advisory. In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000279)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000279 advisory. In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with...

Millions of Android Powered TVs and Streaming Devices Infected by Kimwolf Botnet

Synthient discovers over 2 million Android TV boxes and smart TVs hijacked by the Kimwolf botnet. Learn how hackers are using home devices to launch DDoS attacks and how you can protect your home network...

PT-2026-1549

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.192 Description Insufficient policy enforcement in the WebView tag allows a remote attacker to inject scripts or HTML into privileged pages via a crafted Chrome extension. This issue can be exploited ...

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. "Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy...

Android Security Bulletin—January 2026Stay organized with collectionsSave and categorize content based on your preferences.

This Android Security Bulletin contains details of security vulnerabilities that affect Android devices. Security patch levels of 2026-01-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Within 48 hours afte...

How to Protect Your iPhone or Android Device From Spyware

Being targeted by sophisticated spyware is relatively rare, but experts say that everyone needs to stay vigilant as this dangerous malware continues to proliferate worldwide...

The Kimwolf Botnet is Stalking Your Local Network

The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it's time for a broader awareness of the threat. The short version is that everything you thought you knew about...

PT-2026-26510

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 146.0.7680.153 Description A flaw exists in the WebGL component of Google Chrome on Android that could allow a remote attacker to potentially escape the sandbox through a specially crafted HTML page. The issue...