CVE-2026-4250 | Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android Google Cloud Service Account Key service-account.json credentials storage

A vulnerability has been found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android and classified as problematic. Affected is an unknown function of the file resources/assets/service-account.json of the component Google Cloud Service Account Key Handler. Performing a manipulation results in unprotected storage of credentials.

This vulnerability is reported as CVE-2026-4250. The attack requires a local approach. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4250 | Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android Google Cloud Service Account Key service-account.json credentials storage

Post correlati

CVE-2024-10343 | Beek Widget Extention Plugin up to 0.9.5 on WordPress Shortcode cross site scripting

CVE-2024-13987 | Synology RADIUS Server prior 3.0.27-0139 cross site scripting (SA_25_10)

CVE-2023-42949 | Apple macOS Temporary Directory access control

CVE-2020-11921 | Lovense Lush up to 2020-02-25 Bluetooth cleartext transmission