CVE-2026-41872

"Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation. A man-in-the-middle attack may allow eavesdropping on, or altering, the communication on push notifications between the affected application and the relevant server...

PT-2024-28665 · Mattermost +1 · Mattermost Mobile Apps +1

Name of the Vulnerable Software and Affected Versions: Mattermost Mobile Apps versions =2.16.0 Description: The issue allows a malicious server to send push notifications with another server's diagnostic ID or server URL, making them appear as legitimate push notifications from the actual server ...