Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
1.9
GRID Organiser App (Android) uses hardcoded encryption key
CVE-2026-5454
Summary
The GRID Organiser App on Android versions up to 1.0.5 stores an encryption key directly in the app's code, making it vulnerable to unauthorized access if an attacker gains access to the device. This could potentially allow an attacker to access sensitive data. Update to a newer version of the app to fix this issue.
Original title
A vulnerability was found in GRID Organiser App up to 1.0.5 on Android. Impacted is an unknown function of the file file res/raw/app.json of the component co.gridapp.organiser. Performing a manipul...
Original description
A vulnerability was found in GRID Organiser App up to 1.0.5 on Android. Impacted is an unknown function of the file file res/raw/app.json of the component co.gridapp.organiser. Performing a manipulation of the argument SegmentWriteKey results in use of hard-coded cryptographic key
. The attack is only possible with local access. The exploit has been made public and could be used.
. The attack is only possible with local access. The exploit has been made public and could be used.
nvd CVSS2.0
1.7
nvd CVSS3.1
3.3
nvd CVSS4.0
1.9
Vulnerability type
CWE-320
CWE-321
Use of Hard-coded Cryptographic Key
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026