PT-2026-30730 · Meesho · Meesho Online Shopping App
Honest_Corrupt
·
Published
2026-04-06
·
Updated
2026-04-06
·
CVE-2026-5682
CVSS v3.1
3.7
Low
| AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Meesho Online Shopping App versions up to 27.3
Description
A vulnerability exists in the Meesho Online Shopping App for Android, affecting versions up to 27.3. The issue involves a risky cryptographic algorithm within an unknown function of the
/api/endpoint file in the com.meesho.supply component. This manipulation can be performed remotely, but requires a high level of complexity and is considered difficult to exploit. The exploit has been publicly disclosed.Recommendations
Update Meesho Online Shopping App to a version newer than 27.3.
Exploit
Fix
Use of a Broken Cryptographic Algorithm
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Meesho Online Shopping App