CVE-2026-15193 - CERT CVE
ID CVE-2026-15193
Sažetak A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.
Reference
CVSS
Base: 4.3
Impact: 6.4
Exploitability:3.1
Pristup
VektorSloženostAutentikacija
LOCAL LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:L/AC:L/Au:S/C:P/I:P/A:P
Zadnje važnije ažuriranje 09-07-2026 - 19:03
Objavljeno 09-07-2026 - 17:16