๐Ÿ” CVE Alert

CVE-2026-12190

MEDIUM 5.3

Genspark AI Workspace App ai.mainfunc.genspark improper authorization in handler for custom url scheme

CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
0th

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

CWE CWE-939 CWE-285
Vendor genspark
Product ai workspace app
Published Jun 14, 2026
Stay Ahead of the Next One

Get instant alerts for genspark ai workspace app

Be the first to know when new medium vulnerabilities affecting genspark ai workspace app are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Genspark / AI Workspace App
2.8.4

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
vuldb.com: https://vuldb.com/vuln/370836 vuldb.com: https://vuldb.com/vuln/370836/cti vuldb.com: https://vuldb.com/cve/CVE-2026-12190 vuldb.com: https://vuldb.com/submit/825558 github.com: https://github.com/actuator/ai.mainfunc.genspark

Credits

๐Ÿ” Actuator (VulDB User) VulDB CNA Team