Soyam Arya (aka honest_corrupt)

3 exploits Active since Jun 2025
CVE-2026-5682 NOMISEC LOW WRITEUP
Meesho Online Shopping App com.meesho.supply endpoint risky encryption
A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
CVSS 3.7
CVE-2026-5682 WRITEUP LOW WRITEUP
Meesho Online Shopping App com.meesho.supply endpoint risky encryption
A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
CVSS 3.7
CVE-2025-6748 WRITEUP LOW WRITEUP
Bharti Airtel Thanks App 4.105.4 - Info Disclosure
A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 2.1