CVE-2026-47782

Published: Mag 21, 2026 Last Modified: Mag 21, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 4,6

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: active

Confidentiality: N/A

Integrity: N/A

Availability: N/A

LOW 3,3

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: required

Scope: unchanged

Confidentiality: none

Integrity: low

Availability: none

Description

AI Translation Available

Android App 'RoboForm Password Manager' provided by Siber Systems, Inc. handles Android intents without sufficient URL validation, user confirmation nor notification. If a URL to some malicious web page is given through an intent, RoboForm may silently download files without user confirmation nor notification.

357

Insufficient UI Warning of Dangerous Operations

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Non-Repudiation

Potential Impacts:

Hide Activities

Applicable Platforms

All platforms may be affected

View CWE Details

https://jvn.jp/en/vu/JVNVU93461473/

https://jvn.jp/en/vu/JVNVU93461473/

https://play.google.com/store/apps/details?id=com.siber.rob…

https://play.google.com/store/apps/details?id=com.siber.roboform

https://www.roboform.com/news-android

https://www.roboform.com/news-android