Happy0717

**Name of the Vulnerable Software and Affected Versions** pikpak version 1.29.2 **Description** The Android version of pikpak was discovered to contain an information leak via the debug interface. **Recommendations** For pikpak version 1.29.2, consider disabling the debug interface as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Void Tools Everything versions prior to 1.4.1.1022 **Description** The issue is related to a Regular Expression Denial of Service (ReDoS). No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For versions prior to 1.4.1.1022, update to version 1.4.1.1022 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** starsoftcomm CooCare version 5.304 **Description** The issue is related to insecure privilege management in the CooCare software, allowing local attackers to escalate privileges and execute arbitrary commands via a crafted file upload. This can enable an attacker to gain elevated access and perform unauthorized actions. **Recommendations** For starsoftcomm CooCare version 5.304, consider restricting file upload capabilities to prevent exploitation until a patch is available. As a temporary workaround, limit local access to the software to minimize the risk of privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.