CVE-2026-5682

LOW 3.7

Meesho Online Shopping App com.meesho.supply endpoint risky encryption

CVSS Score

3.7

EPSS Score

0.0%

EPSS Percentile

5th

A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

CWE	CWE-327 CWE-310
Vendor	meesho
Product	online shopping app
Published	Apr 6, 2026
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for meesho online shopping app

Be the first to know when new low vulnerabilities affecting meesho online shopping app are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Meesho / Online Shopping App

27.0 27.1 27.2 27.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/355509 vuldb.com: https://vuldb.com/vuln/355509/cti vuldb.com: https://vuldb.com/submit/792717 github.com: https://github.com/honestcorrupt/MEESHO-CVE

Credits

🔍 honest_corrupt (VulDB User)