Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local-only attack via co-installed app requires low privilege (PR:L, AV:L); no scope change and uniformly low CIA impact confirmed by CVSS 4.0 source vector.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
Improper authorization in the custom URL scheme handler of Genspark AI Workspace App 2.8.4 on Android allows a local low-privileged attacker to invoke restricted application functionality via the ai.mainfunc.genspark component without proper access control. The flaw is classified under CWE-939, affecting inter-app communication on Android where the URL scheme handler fails to verify the caller's authorization. No patch is available as the vendor did not respond to responsible disclosure; no public exploit or CISA KEV confirmation exists at time of analysis.
Technical ContextAI
Android applications can register custom URL scheme handlers - also known as deep link or intent handlers - that allow external apps or processes to trigger internal functionality. CWE-939 (Improper Authorization in Handler for Custom URL Scheme) describes a class of weakness where the receiving component fails to validate whether the invoking caller is authorized to perform the requested action. In the Android security model, improperly exported activities or unprotected intent filters can be invoked by any co-resident app on the device. The affected component is ai.mainfunc.genspark within version 2.8.4 of the Genspark AI Workspace App (CPE: cpe:2.3:a:genspark:ai_workspace_app:*:*:*:*:*:*:*:*). The wildcard in the CPE version field indicates NVD has not scoped this to a specific confirmed-fixed version, suggesting the flaw may extend beyond 2.8.4 - though no vendor statement confirms this.
RemediationAI
No vendor-released patch has been identified at time of analysis - the vendor did not respond to responsible disclosure, and no fixed version is confirmed in any available reference. Users should monitor the Genspark app's Google Play Store listing for updates and apply any new release promptly once available. As compensating controls: remove or disable the Genspark AI Workspace App from devices where it handles sensitive data, as this eliminates the attack surface entirely (trade-off: loss of app functionality). Enterprise MDM administrators can use application blocklisting or allowlisting policies to prevent co-installation of untrusted apps that could abuse the URL scheme handler - this limits the threat from malicious co-installed apps without removing Genspark itself. Android 12+ users can review exported activity permissions in device settings and restrict intent handling where platform controls permit. The researcher's disclosure is documented at https://github.com/actuator/ai.mainfunc.genspark and https://vuldb.com/vuln/370836.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36669
GHSA-vm9m-6j35-r47j