CVE-2026-5458

Name of the Vulnerable Software and Affected Versions Noelse Individuals & Pro App versions through 2.1.7

Description A weakness exists in Noelse Individuals & Pro App on Android, up to version 2.1.7. The issue involves manipulation of the SEGMENT WRITE KEY argument within an unknown function of the file com/reactnative/antelop/BuildConfig.java of the com.afone.noelse component, leading to the use of a hard-coded cryptographic key. The attack requires local access. The exploit has been publicly released.

Recommendations Update Noelse Individuals & Pro App to a version later than 2.1.7.