CVE-2026-52698

Summary

Subscriber Sensitive Data Exposure in PushEngage – Web Push Notifications, eCommerce Automation &amp; Chat Widget <= 4.2.3 versions.

Affected Software

VendorProductVersion RangeStatus
Syed BalkhiPushEngage – Web Push Notifications, eCommerce Automation & Chat Widgetn/a <= 4.2.3affected

Weaknesses

  • CWE-201: CWE-201 Insertion of Sensitive Information Into Sent Data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References