216.73.217.80

CVE-2026-5420

· Published 02/04/2026 20:16 · Modified 03/04/2026 16:10

Labels: CVE-2026-5420 2026-04-02CVE-2026-5420CWE-320[email protected]

Essential information

Published
02/04/2026 20:16
Modified
03/04/2026 16:10
Author
Creator
CVSS
2.0 LOW (v3) 2.0 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A security flaw has been discovered in Shinrays Games Goods Triple App up to 1.200. The affected element is an unknown function of the file jRwTX.java of the component cats.goods.sort.sorting.games. Performing a manipulation of the argument AES_IV/AES_PASSWORD results in use of hard-coded cryptographic key . Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
shinrays / games goods triple app cpe:2.3:a:shinrays:games_goods_triple_app:<1.200:*:*:*:*:*:*:*

References