CVE-2026-1814

CVE-2026-1814 affects Rapid7 Nexpose versions 6.4.50 and later. The root cause is an insufficient entropy issue in Password key generation: CredentialsKeyStorePassword.generateRandomPassword() creates passwords with insufficient length (7–12 chars) and a static prefix 'p', yielding a weak keyspac...

Eurowings - cheap flights - Dangerous filesystem permissions, Insecure KeyStore, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Eurowings - cheap flights published at the 'play' market has multiple vulnerabilities...

Bit Heroes - Customized SSL, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Bit Heroes published at the 'play' market has multiple vulnerabilities...

Packet Capture - Customized SSL, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Packet Capture published at the 'play' market has multiple vulnerabilities...

Hero Wars - Customized SSL, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Hero Wars published at the 'play' market has multiple vulnerabilities...

OpenKeychain: Easy PGP - Customized SSL, Exported ContentProvider, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application OpenKeychain: Easy PGP published at the 'play' market has multiple vulnerabilities...

Sweet Baby Girl Daycare 4 - Customized SSL, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Sweet Baby Girl Daycare 4 published at the 'play' market has multiple vulnerabilities...

Akbank Direkt - Customized SSL, Insecure KeyStore, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Akbank Direkt published at the 'play' market has multiple vulnerabilities...

GreenAddress Bitcoin Wallet - BSD license, Customized SSL, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application GreenAddress Bitcoin Wallet published at the 'play' market has multiple vulnerabilities...

slither.io - Dangerous filesystem permissions, Insecure KeyStore, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application slither.io published at the 'play' market has multiple vulnerabilities...

Facebook Mentions - Dynamic Code Loading, Exported components, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Facebook Mentions published at the 'play' market has multiple vulnerabilities...

Библиотека - Apache license, BSD license, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Библиотека published at the 'play' market has multiple vulnerabilities...

Гипермаркет - Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Гипермаркет published at the 'play' market has multiple vulnerabilities...

Bill.com - Apache license, BSD license, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Bill.com published at the 'play' market has multiple vulnerabilities...

SignagePlayer Android (FREE) - Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application SignagePlayer Android FREE published at the 'play' market has multiple vulnerabilities...

彰銀淘金王 - Customized SSL, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application 彰銀淘金王 published at the 'play' market has multiple vulnerabilities...

ABC Learning letters toddlers - Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application ABC Learning letters toddlers published at the 'play' market has multiple vulnerabilities...

Acorns - Invest Spare Change - Base64 encoded String, Customized SSL, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Acorns - Invest Spare Change published at the 'play' market has multiple vulnerabilities...

DS photo - Customized SSL, Insecure KeyStore, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application DS photo published at the 'play' market has multiple vulnerabilities...

GoM - Adventure Puzzle Game - Base64 encoded String, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application GoM - Adventure Puzzle Game published at the 'play' market has multiple vulnerabilities...