CVE-2026-4217

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument accessKey/secretAccessKey/securityToken leads to unprotected storage of credentials. The attack can only be performed from a local environment. The attack requires a high level of complexity. The exploitability is said to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS v3 2.5 LOW
CVSS v2.0 1.0 LOW

2.5^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.0 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

1.0^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:H/Au:S/C:P/I:N/A:N

Exploitability : 1.5 / Impact : 2.9

Access Vector LOCAL

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://vuldb.com/?ctiid.351141
https://vuldb.com/?id.351141
https://vuldb.com/?submit.770503
https://www.notion.so/Exposed-Cryptographic-Key-and-IV-in-ai-nreal-nebula-universal-3172de3f97fb80b5a987eac2c49527e2?source=copy_link

Configurations

No configuration.

History

16 Mar 2026, 14:20

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-16 14:20

Updated : 2026-03-16 14:53

NVD link : CVE-2026-4217

Mitre link : CVE-2026-4217

CVE.ORG link : CVE-2026-4217

JSON object : View

Products Affected

No product.

CWE

CWE-255

Credentials Management Errors

CWE-256

Plaintext Storage of a Password

{"id": "CVE-2026-4217", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"version": "2.0", "baseScore": 1.0, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 1.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "cna@vuldb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.5, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.0}], "cvssMetricV40": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 2.0, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-16T14:20:08.967", "references": [{"url": "https://vuldb.com/?ctiid.351141", "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?id.351141", "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?submit.770503", "source": "cna@vuldb.com"}, {"url": "https://www.notion.so/Exposed-Cryptographic-Key-and-IV-in-ai-nreal-nebula-universal-3172de3f97fb80b5a987eac2c49527e2?source=copy_link", "source": "cna@vuldb.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "cna@vuldb.com", "description": [{"lang": "en", "value": "CWE-255"}, {"lang": "en", "value": "CWE-256"}]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in\u00a0ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument accessKey/secretAccessKey/securityToken leads to unprotected storage of credentials. The attack can only be performed from a local environment. The attack requires a high level of complexity. The exploitability is said to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "lastModified": "2026-03-16T14:53:07.390", "sourceIdentifier": "cna@vuldb.com"}