CVE-2026-4216 | i-SENS SmartLog App up to 2.6.8 on Android air.SmartLog.android hard-coded credentials

A vulnerability was found in i-SENS SmartLog App up to 2.6.8 on Android. It has been classified as critical. This affects an unknown function of the component air.SmartLog.android. This manipulation causes hard-coded credentials.

The identification of this vulnerability is CVE-2026-4216. The attack can only be executed locally. Furthermore, there is an exploit available.

The vendor explains: “The function referenced in the report currently exists in our deployed system. It is related to a developer mode used during the configuration process for Bluetooth pairing between the blood glucose meter and the SmartLog application. This function is intended for configuration purposes related to device integration and testing. (…) [I]n a future application update, we plan to review measures to either remove the developer mode function or restrict access to it.”

CVE-2026-4216 | i-SENS SmartLog App up to 2.6.8 on Android air.SmartLog.android hard-coded credentials

Post correlati

CVE-2024-33883 | ejs up to 3.1.9 on Node.js unknown vulnerability

CVE-2026-21265 | Microsoft Windows up to Server 2025 Secure Boot Certificate reliance on component that is not updateable

CVE-2024-10747 | PHPGurukul Online Shopping Portal 2.0 dom_data_th.php scripts cross site scripting

CVE-2024-46648 | eNMS 4.4.0/4.7.1 scan_folder path traversal