CVE-2026-10510

MEDIUM 6.1

GeniexWebView XSS in com.transsion.aiassistantlifestyle

CVSS Score

6.1

EPSS Score

0.0%

EPSS Percentile

0th

Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted web_action_data URL parameter.

CWE	CWE-79
Vendor	tecno mobile
Product	com.transsion.aiassistantlifestyle
Published	Jun 2, 2026
Last Updated	Jun 2, 2026

Stay Ahead of the Next One

Get instant alerts for tecno mobile com.transsion.aiassistantlifestyle

Be the first to know when new medium vulnerabilities affecting tecno mobile com.transsion.aiassistantlifestyle are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

TECNO Mobile / com.transsion.aiassistantlifestyle

v1.3.0.002

References

NVD ↗ CVE.org ↗ EPSS Data ↗

security.tecno.com: https://security.tecno.com/SRC/securityUpdates