CWE-926

80 CVEs classified under CWE-926. Browse by severity and year.

Top CVEs for CWE-926
CVESeverityScorePublishedSummary
CVE-2025-68713High8.02026-06-15An issue was discovered in Rakuten Send Anywhere (File Transfer) for Android (com.estmob.android.sendanywhere) 23.2.9. The vulnerability allows untrusted appli…
CVE-2025-32347High7.82025-09-04In onStart of BiometricEnrollIntroduction.java, there is a possible way to determine the device's location due to an unsafe PendingIntent. This could lead to l…
CVE-2021-25400High7.82021-06-11Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.
CVE-2025-15464High7.52026-01-08Exported Activity allows external applications to gain application context and directly launch Gmail with inbox access, bypassing security controls.
CVE-2026-54318High7.12026-06-23Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceive…
CVE-2023-41960High7.12023-10-25The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent applicati…
CVE-2021-25388High7.12021-06-11Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app.
CVE-2021-25397Medium6.82021-06-11An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process vi…
CVE-2025-27599Medium6.52025-04-18Element X Android is a Matrix Android Client provided by element.io. Prior to version 25.04.2, a crafted hyperlink on a webpage, or a locally installed malicio…
CVE-2024-36437Medium6.52025-02-03The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application (with no permissions)…
CVE-2026-44279Medium5.52026-05-12An improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTok…
CVE-2026-3291Medium5.52026-05-06Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devic…
CVE-2025-20934Medium5.52025-04-08Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege.
CVE-2023-20962Medium5.52023-03-24In getSliceEndItem of MediaVolumePreferenceController.java, there is a possible way to start foreground activity from the background due to an unsafe PendingIn…
CVE-2025-14517Medium5.32025-12-11A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity  of the file AndroidManifest.xml. Executing manipulation can l…
CVE-2025-10722Medium5.32025-09-19A vulnerability was detected in SKTLab Mukbee App 1.01.196 on Android. This affects an unknown function of the file AndroidManifest.xml of the component com.dw…
CVE-2025-10721Medium5.32025-09-19A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml…
CVE-2025-10718Medium5.32025-09-19A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipul…
CVE-2025-10717Medium5.32025-09-19A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidMan…
CVE-2025-10716Medium5.32025-09-19A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml…