VYPR

Jack Sessions Cves

by JackSessions

Source repositories

CVEs (2)

  • CVE-2025-50861MedAug 14, 2025
    risk 0.42cvss 6.5epss 0.00

    The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of…

  • CVE-2025-50862MedAug 14, 2025
    risk 0.38cvss 5.9epss 0.00

    The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 has allowBackup=true set in its manifest, allowing data exfiltration via ADB backup on rooted or debug-enabled devices. This presents a risk of user data exposure.