CVE-2026-5453

216.73.216.226

· Published 03/04/2026 05:16 · Modified 03/04/2026 16:10

Labels: CVE-2026-5453 2026-04-03 CVE-2026-5453 CWE-320 [email protected]

Essential information

Published: 03/04/2026 05:16
Modified: 03/04/2026 16:10
Author: —
Creator: —
CVSS: 1.9 LOW (v3) 1.9 LOW (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.32.12421 on Android. This issue affects some unknown processing of the file br/com/rico/mobile/di/SegmentSettingsModule.java of the component br.com.rico.mobile. Such manipulation of the argument SEGMENT_WRITE_KEY leads to use of hard-coded cryptographic key . The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
rico / rico app	`cpe:2.3:a:rico:rico_app:<4.58.32.12421:::::::*`