CVE-2026-5453

LOW 3.3

Rico só vantagem pra investir App br.com.rico.mobile SegmentSettingsModule.java hard-coded key

CVSS Score

3.3

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.32.12421 on Android. This issue affects some unknown processing of the file br/com/rico/mobile/di/SegmentSettingsModule.java of the component br.com.rico.mobile. Such manipulation of the argument SEGMENT_WRITE_KEY leads to use of hard-coded cryptographic key . The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CWE	CWE-321 CWE-320
Vendor	rico
Product	só vantagem pra investir app
Published	Apr 3, 2026
Last Updated	Apr 3, 2026

Stay Ahead of the Next One

Get instant alerts for rico só vantagem pra investir app

Be the first to know when new low vulnerabilities affecting rico só vantagem pra investir app are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Rico / só vantagem pra investir App

4.58.32.12421

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/355041 vuldb.com: https://vuldb.com/vuln/355041/cti vuldb.com: https://vuldb.com/submit/781758 notion.so: https://www.notion.so/Segment-Write-Key-Exposure-Leading-to-Data-Injection-and-User-Profile-Manipulation-In-br-com-rico-mo-3262de3f97fb800a9bfef6e6fd7d7179?source=copy_link

Credits

🔍 fxizenta (VulDB User) VulDB CNA Team