CVE-2026-4243 | La Nacion App 10.2.25 on Android app.lanacion.activity BuildConfig.java API_KEY_WEBSOCKET_CV credentials storage

A vulnerability categorized as problematic has been discovered in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the component app.lanacion.activity. Executing a manipulation of the argument API_KEY_WEBSOCKET_CV can lead to unprotected storage of credentials.

The identification of this vulnerability is CVE-2026-4243. The attack can only be executed locally. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More