CVE-2025-63289

CRITICAL

Sogexia Android App - Info Disclosure

Title source: llm

Description

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryption_helper.dart file

References (2)

[Third Party Advisory] https://medium.com/@sudosu01/information-disclosure-hardcoded-encryption-keys-fc375abf68a3

[Not Applicable] https://www.linkedin.com/in/umanhonlengabriel

Scores

CVSS v3 9.1

EPSS 0.0003

EPSS Percentile 7.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-321

Status published

Products (1)

sogexia/sogexia 35

Published Nov 12, 2025

Tracked Since Feb 18, 2026