CVE-2026-12190

CVE Database · CVE-2026-12190

CVE-2026-12190

· MEDIUMReceived

CVSS v3.1

5.3

CVSS v4.0

4.8

EPSS

0.10%

Published

Jun 14, 2026

Modified

Jun 14, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Weaknesses (CWE)

CWE-285CWE-939

References (5)

https://github.com/actuator/ai.mainfunc.genspark

https://vuldb.com/cve/CVE-2026-12190

https://vuldb.com/submit/825558

https://vuldb.com/vuln/370836

https://vuldb.com/vuln/370836/cti

KEV Catalog EPSS Scores Vendors All CVEs