Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
1.9
Rico só vantagem pra investir App for Android has a Security Key Leak
CVE-2026-5453
Summary
A security weakness has been found in the Rico só vantagem pra investir App for Android. This means that a hacker could potentially access sensitive information by manipulating a specific setting. App users should be cautious when using this app and consider updating to the latest version if one is available.
Original title
A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.32.12421 on Android. This issue affects some unknown processing of the file br/com/rico/mobile/di/SegmentSettingsModul...
Original description
A vulnerability has been found in Rico só vantagem pra investir App up to 4.58.32.12421 on Android. This issue affects some unknown processing of the file br/com/rico/mobile/di/SegmentSettingsModule.java of the component br.com.rico.mobile. Such manipulation of the argument SEGMENT_WRITE_KEY leads to use of hard-coded cryptographic key
. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
1.7
nvd CVSS3.1
3.3
nvd CVSS4.0
1.9
Vulnerability type
CWE-320
CWE-321
Use of Hard-coded Cryptographic Key
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026