Nullptr

**Name of the Vulnerable Software and Affected Versions** MIUI OS version 10.1.3.0 **Description** A security issue allows a physically proximate attacker to bypass lockscreen authentication using the Wallpaper Carousel application. This enables access to sensitive clipboard data and partially stored user credentials. The issue arises from paste access to a social media login page. **Recommendations** For MIUI OS version 10.1.3.0, consider disabling the Wallpaper Carousel application as a temporary workaround to minimize the risk of exploitation. Restrict access to the clipboard data and stored credentials to prevent unauthorized access until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Xiaomi Mi browser version 10.5.6-g Mint Browser version 1.5.3 **Description** A URL spoofing issue was discovered due to the handling of the `q` query parameter in the affected browsers. Specifically, the portion of an https URL before the ?q= substring is not displayed to the user. **Recommendations** For Xiaomi Mi browser version 10.5.6-g, update to a version that properly handles the `q` query parameter to prevent URL spoofing. For Mint Browser version 1.5.3, update to a version that correctly displays the entire https URL, including the portion before the ?q= substring, to mitigate the risk of URL spoofing. As a temporary workaround, consider avoiding the use of the `q` query parameter in the affected browsers until a patch is available.