Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-939 (自定义URL方案处理程序中的授权不正确) — Vulnerability Class 12

12 vulnerabilities classified as CWE-939 (自定义URL方案处理程序中的授权不正确). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-35394 Mobile Next has Arbitrary Android Intent Execution via mobile_open_url — mobile-mcp 8.3 High2026-04-06
CVE-2026-33335 Vikunja Desktop allows arbitrary local application invocation via unvalidated shell.openExternal — vikunja 6.1 -2026-03-24
CVE-2026-26123 Microsoft Authenticator Information Disclosure Vulnerability — Microsoft Authenticator for Android 5.5 Medium2026-03-10
CVE-2026-1046 Arbitrary application execution via unvalidated server-controlled URLs in Help menu — Mattermost 7.6 High2026-02-16
CVE-2025-67739 JetBrains TeamCity 安全漏洞 — TeamCity 3.1 Low2025-12-11
CVE-2025-41408 LY Yahoo! Shopping App 安全漏洞 — "Yahoo! Shopping" App for Android 6.1AIMediumAI2025-09-05
CVE-2024-54125 Shonen Jump+ 安全漏洞 — "Shonen Jump+" App for Android 6.1 -2024-12-17
CVE-2024-54014 Skylark Holdings Skylark App 安全漏洞 — 'Skylark' App for Android 6.5AIMediumAI2024-12-05
CVE-2024-33606 MicroDicom DICOM Viewer Improper Authorization in Handler for Custom URL Scheme — DICOM Viewer 8.8 High2024-06-11
CVE-2023-43582 Zoom Client 授权问题漏洞 — Zoom Clients 5.5 Medium2023-11-14
CVE-2022-20736 Cisco AppDynamics Controller Authorization Bypass Vulnerability — Cisco AppDynamics 5.3 Medium2022-06-15
CVE-2020-11000 Improper URL validation in GreenBrowser — GreenBrowser 5.7 Medium2020-04-08

Vulnerabilities classified as CWE-939 (自定义URL方案处理程序中的授权不正确) represent 12 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.