Skylot Jadx
5 CVEs affecting Skylot Jadx. Latest disclosed: 2026-07-14. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-54684 | High | 7.0 | 2026-07-14 | jadx is a Dex to Java decompiler. From 1.5.2 to 1.5.5, a malicious .xapk file can cause jadx to write attacker-controlled archive entry contents outside the in… |
CVE-2024-32653 | Medium | 6.1 | 2024-04-22 | jadx is a Dex to Java decompiler. Prior to version 1.5.0, the package name is not filtered before concatenation. This can be exploited to inject arbitrary co… |
CVE-2026-42447 | Low | 3.6 | 2026-07-14 | jadx is a Dex to Java decompiler. Prior to 1.5.6, jadx-gui is affected by an HTML injection vulnerability in the Summary tab because SummaryNode.java appends a… |
CVE-2022-39259 | Low | 3.3 | 2022-10-21 | jadx is a set of command line and GUI tools for producing Java source code from Android Dex and Apk files. versions prior to 1.4.5 are subject to a Denial of S… |
CVE-2026-42049 | | 2026-07-14 | jadx is a Dex to Java decompiler. Prior to 1.5.6, jadx inserts the android:versionName value from an AndroidManifest into the generated app/build.gradle Groovy… |