CWE-926
80 CVEs classified under CWE-926. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-68713 | High | 8.0 | 2026-06-15 | An issue was discovered in Rakuten Send Anywhere (File Transfer) for Android (com.estmob.android.sendanywhere) 23.2.9. The vulnerability allows untrusted appli… |
CVE-2025-32347 | High | 7.8 | 2025-09-04 | In onStart of BiometricEnrollIntroduction.java, there is a possible way to determine the device's location due to an unsafe PendingIntent. This could lead to l… |
CVE-2021-25400 | High | 7.8 | 2021-06-11 | Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action. |
CVE-2025-15464 | High | 7.5 | 2026-01-08 | Exported Activity allows external applications to gain application context and directly launch Gmail with inbox access, bypassing security controls. |
CVE-2026-54318 | High | 7.1 | 2026-06-23 | Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceive… |
CVE-2023-41960 | High | 7.1 | 2023-10-25 | The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent applicati… |
CVE-2021-25388 | High | 7.1 | 2021-06-11 | Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app. |
CVE-2021-25397 | Medium | 6.8 | 2021-06-11 | An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process vi… |
CVE-2025-27599 | Medium | 6.5 | 2025-04-18 | Element X Android is a Matrix Android Client provided by element.io. Prior to version 25.04.2, a crafted hyperlink on a webpage, or a locally installed malicio… |
CVE-2024-36437 | Medium | 6.5 | 2025-02-03 | The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application (with no permissions)… |
CVE-2026-44279 | Medium | 5.5 | 2026-05-12 | An improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTok… |
CVE-2026-3291 | Medium | 5.5 | 2026-05-06 | Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devic… |
CVE-2025-20934 | Medium | 5.5 | 2025-04-08 | Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege. |
CVE-2023-20962 | Medium | 5.5 | 2023-03-24 | In getSliceEndItem of MediaVolumePreferenceController.java, there is a possible way to start foreground activity from the background due to an unsafe PendingIn… |
CVE-2025-14517 | Medium | 5.3 | 2025-12-11 | A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity of the file AndroidManifest.xml. Executing manipulation can l… |
CVE-2025-10722 | Medium | 5.3 | 2025-09-19 | A vulnerability was detected in SKTLab Mukbee App 1.01.196 on Android. This affects an unknown function of the file AndroidManifest.xml of the component com.dw… |
CVE-2025-10721 | Medium | 5.3 | 2025-09-19 | A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml… |
CVE-2025-10718 | Medium | 5.3 | 2025-09-19 | A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipul… |
CVE-2025-10717 | Medium | 5.3 | 2025-09-19 | A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidMan… |
CVE-2025-10716 | Medium | 5.3 | 2025-09-19 | A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml… |