CVE-2026-47782

Summary

Android App "RoboForm Password Manager" provided by Siber Systems, Inc. handles Android intents without sufficient URL validation, user confirmation nor notification. If a URL to some malicious web page is given through an intent, RoboForm may silently download files without user confirmation nor notification.

Affected Software

VendorProductVersion RangeStatus
Siber Systems, Inc.Android App “RoboForm Password Manager”9.8.6.3 and prioraffected

Weaknesses

  • CWE-357: Insufficient UI warning of dangerous operations

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References