CVE-2026-12190
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk1th percentile — higher than 1% of all known CVEs
Summary
A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android, affecting unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme.
Risk Assessment
The attack can only be performed from a local environment, which limits the scope of the threat, but it may lead to unauthorized access to application features.
Recommendation
It is recommended to update the application to the latest version to minimize the risk associated with this vulnerability.
Original NVD description (English source)
A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

