CVEs classified under CWE-926, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2025-5344: Bluebird devices contain a pre-loaded kiosk application. This application exposes an unsecured service provider "com.bluebird.kiosk.launcher…
CVE-2024-13917: An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using…
CVE-2025-68713 — CVSS 8.0 (high): An issue was discovered in Rakuten Send Anywhere (File Transfer) for Android (com.estmob.android.sendanywhere) 23.2.9. The vulnerability…
CVE-2025-32347 — CVSS 7.8 (high): In onStart of BiometricEnrollIntroduction.java, there is a possible way to determine the device's location due to an unsafe PendingIntent…
CVE-2021-25400 — CVSS 7.8 (high): Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.
CVE-2025-15464 — CVSS 7.5 (high): Exported Activity allows external applications to gain application context and directly launch Gmail with inbox access, bypassing security…
CVE-2026-54318 — CVSS 7.1 (high): Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the…
CVE-2023-41960 — CVSS 7.1 (high): The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the…
CVE-2024-13916: An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using…
CVE-2024-13915: Android based smartphones from vendors such as Ulefone and Krüger&Matz contain "com.pri.factorytest" application preloaded onto devices…
CVE-2021-25397 — CVSS 6.8 (medium): An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of…
CVE-2024-36437 — CVSS 6.5 (medium): The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application…
CVE-2025-5345: Bluebird devices contain a pre-loaded file manager application. This application exposes an unsecured service provider…
CVE-2026-12960: An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device…
CVE-2026-44279 — CVSS 5.5 (medium): An improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1…
CVE-2026-3291 — CVSS 5.5 (medium): Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the…
CVE-2025-20934 — CVSS 5.5 (medium): Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system…
CVE-2023-20962 — CVSS 5.5 (medium): In getSliceEndItem of MediaVolumePreferenceController.java, there is a possible way to start foreground activity from the background due to…
CVE-2025-14517 — CVSS 5.3 (medium): A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity of the file AndroidManifest.xml. Executing…
CVE-2025-10722 — CVSS 5.3 (medium): A vulnerability was detected in SKTLab Mukbee App 1.01.196 on Android. This affects an unknown function of the file AndroidManifest.xml of…
CVE-2025-10721 — CVSS 5.3 (medium): A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file…
CVE-2025-10718 — CVSS 5.3 (medium): A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component…
CVE-2025-10717 — CVSS 5.3 (medium): A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of…
CVE-2025-10716 — CVSS 5.3 (medium): A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file…
CVE-2025-10715 — CVSS 5.3 (medium): A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of…
CVE-2025-10195 — CVSS 5.3 (medium): A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the…
CVE-2025-5500 — CVSS 5.3 (medium): A flaw has been found in ZhenShi Mibro Fit App 1.6.3.17499 on Android. This impacts an unknown function of the file AndroidManifest.xml of…
CVE-2025-9695 — CVSS 5.3 (medium): A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected by this issue is some unknown…
CVE-2025-9677 — CVSS 5.3 (medium): A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. The affected element is an unknown function of the file…
CVE-2025-9676 — CVSS 5.3 (medium): A vulnerability was identified in NCSOFT Universe App up to 1.3.0. Impacted is an unknown function of the file AndroidManifest.xml of the…
CVE-2025-9675 — CVSS 5.3 (medium): A vulnerability was determined in Voice Changer App up to 1.1.0. This issue affects some unknown processing of the file AndroidManifest.xml…
CVE-2025-9674 — CVSS 5.3 (medium): A flaw has been found in Transbyte Scooper News App up to 1.2 on Android. Affected by this issue is some unknown functionality of the file…
CVE-2025-9673 — CVSS 5.3 (medium): A vulnerability was detected in Kakao 헤이카카오 Hey Kakao App up to 2.17.4 on Android. Affected by this vulnerability is an unknown…
CVE-2025-9672 — CVSS 5.3 (medium): A security vulnerability has been detected in Rejseplanen App up to 8.2.2. Affected is an unknown function of the file AndroidManifest.xml…
CVE-2025-9671 — CVSS 5.3 (medium): A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. This impacts an unknown function of the file AndroidManifest.xml…
CVE-2025-9135 — CVSS 5.3 (medium): A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr up to 12.1.1(258) on…
CVE-2025-9134 — CVSS 5.3 (medium): A security vulnerability has been detected in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown…
CVE-2025-9102 — CVSS 5.3 (medium): A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file…
CVE-2025-9098 — CVSS 5.3 (medium): A vulnerability was determined in Elseplus File Recovery App 4.4.21 on Android. Affected by this issue is some unknown functionality of the…
CVE-2025-9097 — CVSS 5.3 (medium): A vulnerability was found in Euro Information CIC banque et compte en ligne App 12.56.0 on Android. Affected by this vulnerability is an…
CVE-2025-9093 — CVSS 5.3 (medium): A security vulnerability has been detected in BuzzFeed App 2024.9 on Android. This affects an unknown part of the file AndroidManifest.xml…
CVE-2025-8745 — CVSS 5.3 (medium): A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown…
CVE-2025-8707 — CVSS 5.3 (medium): A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the…
CVE-2025-8524 — CVSS 5.3 (medium): A vulnerability was found in Boquan DotWallet App 2.15.2 on Android and classified as problematic. Affected by this issue is some unknown…
CVE-2025-8523 — CVSS 5.3 (medium): A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this…
CVE-2025-8513 — CVSS 5.3 (medium): A vulnerability, which was classified as problematic, was found in Caixin News App 8.0.1 on Android. Affected is an unknown function of the…
CVE-2025-8512 — CVSS 5.3 (medium): A vulnerability, which was classified as problematic, has been found in TVB Big Big Shop App 2.9.0 on Android. This issue affects some…
CVE-2025-8275 — CVSS 5.3 (medium): A vulnerability, which was classified as problematic, has been found in bsc Peru Cocktails App 1.0.0 on Android. Affected by this issue is…
CVE-2025-8258 — CVSS 5.3 (medium): A vulnerability, which was classified as problematic, has been found in Cool Mo Maigcal Number App up to 1.0.3 on Android. Affected by this…
CVE-2025-8257 — CVSS 5.3 (medium): A vulnerability classified as problematic was found in Lobby Universe Lobby App up to 2.8.0 on Android. Affected by this vulnerability is…