CVE-2026-5455 | Dialogue App up to 4.3.2 on Android ca.diagram.dialogue config.json SEGMENT_WRITE_KEY hard-coded key

A vulnerability, which was classified as problematic, was found in Dialogue App up to 4.3.2 on Android. The affected element is an unknown function of the file file res/raw/config.json of the component ca.diagram.dialogue. Executing a manipulation of the argument SEGMENT_WRITE_KEY can lead to use of hard-coded cryptographic key
.

This vulnerability is tracked as CVE-2026-5455. The attack is restricted to local execution. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-5455 | Dialogue App up to 4.3.2 on Android ca.diagram.dialogue config.json SEGMENT_WRITE_KEY hard-coded key

Post correlati

CVE-2025-43757 | Liferay Portal/DXP cross site scripting

CVE-2026-2389 | Complianz Plugin up to 7.4.4.2 on WordPress revert_divs_to_summary cross site scripting

CVE-2025-52277 | YesWiki 4.54 meta configuration robots cross site scripting

CVE-2025-11547 | Axis Communications AB AXIS Camera Station Pro up to 6.12 log file