CVE Catalog

CVE-2026-12190

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

1th percentile — higher than 1% of all known CVEs

Summary

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android, affecting unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme.

Risk Assessment

The attack can only be performed from a local environment, which limits the scope of the threat, but it may lead to unauthorized access to application features.

Recommendation

It is recommended to update the application to the latest version to minimize the risk associated with this vulnerability.

Original NVD description (English source)

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS