Vulnerability in Evbee Service
CVE-2026-22093
The EVbee Service Android app uses TLS encrypted communication (HTTPS), but does not validate the certificate provided by the server. This allows an attacker on the network path between the app and EVbee server to intercept and manipulate…
Vulnerability class: Improper Certificate Validation
Affected products
- Evbee Service — versions 0
Weakness classification (CWE)
References
- csirt@divd.nl (third-party-advisory)