CVE-2026-26214 | Xiaomi Galaxy FDS Android SDK up to 3.0.8 GalaxyFDSClientImpl.createHttpClient certificate host validation

Inserito da Angelo Barbosa | Feb 12, 2026 | CVE

A vulnerability was found in Xiaomi Galaxy FDS Android SDK up to 3.0.8. It has been classified as critical. This vulnerability affects the function GalaxyFDSClientImpl.createHttpClient. Performing a manipulation results in certificate with host mismatch. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is reported as CVE-2026-26214. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-26214 | Xiaomi Galaxy FDS Android SDK up to 3.0.8 GalaxyFDSClientImpl.createHttpClient certificate host validation

Post correlati

CVE-2021-47081 | Linux Kernel up to 5.12.6 gaudi hl_cb_kernel_create of use after free (b49f5af30b0e/115726c5d312)

CVE-2024-6704 | Comments Plugin up to 7.6.21 on WordPress cross site scripting

CVE-2024-3609 | ReviewX Plugin up to 1.6.27 on WordPress authorization

CVE-2025-40725 | Azon Dominator PHP Script URL /search cross site scripting (EUVD-2025-27530)