Threats Tagged 'cwe-926'
View all threats tagged with 'cwe-926'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cwe-926'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-54318: CWE-926: Improper Export of Android Application Components in home-assistant coreCVE-2026-54318 0 Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceiver is exported with no permission. Any installed app, with zero runtime permissions, can broadcast a forged Google Play Services LocationResult directly to it; the receiver trusts the extra and forwards it to the user's Home Assistant server as the device's real location. This bypasses Android's developer-mode "Mock Location" gate and allows a local malicious app to drive zone-based automations (unlock door / disarm alarm / open garage) by faking the user's GPS position. This vulnerability is fixed in 2026.5.3. Join the discussion | CVE Database V5 | 06/23/2026, 17:40:28 UTC Added: 06/23/2026, 18:09:40 UTC |
CVE-2026-21034: CWE-926: Improper Export of Android Application Components in Samsung Mobile Samsung AutoCVE-2026-21034 0 Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration. Join the discussion | CVE Database V5 | 06/05/2026, 10:15:41 UTC Added: 06/05/2026, 10:33:45 UTC |
CVE-2026-21033: CWE-926: Improper Export of Android Application Components in Samsung Mobile Samsung AssistantCVE-2026-21033 0 Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script. Join the discussion | CVE Database V5 | 06/05/2026, 10:15:40 UTC Added: 06/05/2026, 10:33:45 UTC |
CVE-2026-21032: CWE-926: Improper Export of Android Application Components in Samsung Mobile Samsung AssistantCVE-2026-21032 0 Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script. Join the discussion | CVE Database V5 | 06/05/2026, 10:15:38 UTC Added: 06/05/2026, 10:33:41 UTC |
CVE-2026-21029: CWE-926: Improper Export of Android Application Components in Samsung Mobile Samsung Mobile DevicesCVE-2026-21029 0 Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations. Join the discussion | CVE Database V5 | 06/05/2026, 10:15:35 UTC Added: 06/05/2026, 10:33:41 UTC |
CVE-2026-21027: CWE-926 : Improper Export of Android Application Components in Samsung Mobile Samsung Mobile DevicesCVE-2026-21027 0 Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function. Join the discussion | CVE Database V5 | 06/05/2026, 10:15:33 UTC Added: 06/05/2026, 10:33:41 UTC |
CVE-2026-21026: CWE-926 : Improper Export of Android Application Components in Samsung Mobile Samsung Mobile DevicesCVE-2026-21026 0 Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information. Join the discussion | CVE Database V5 | 06/05/2026, 10:15:32 UTC Added: 06/05/2026, 10:33:41 UTC |
Showing 1 to 7 of 7 results