FKIE_CVE-2026-22694

Vulnerability from fkie_nvd - Published: 2026-01-14 17:16 - Updated: 2026-01-16 15:55
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
Summary
AliasVault is a privacy-first password manager with built-in email aliasing. AliasVault Android versions 0.24.0 through 0.25.2 contained an issue in how passkey requests from Android apps were validated. Under certain local conditions, a malicious app could attempt to obtain a passkey response for a site it was not authorized to access. The issue involved incomplete validation of calling app identity, origin, and RP ID in the Android credential provider. This issue was fixed in AliasVault Android 0.25.3.
References
security-advisories@github.comhttps://github.com/aliasvault/aliasvault/commit/b3350473103d6138ab2b63ca130c211717eac67d
security-advisories@github.comhttps://github.com/aliasvault/aliasvault/issues/1440
security-advisories@github.comhttps://github.com/aliasvault/aliasvault/pull/1441
security-advisories@github.comhttps://github.com/aliasvault/aliasvault/releases/tag/0.25.3
security-advisories@github.comhttps://github.com/aliasvault/aliasvault/security/advisories/GHSA-mvg4-wvjv-332q
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "AliasVault is a privacy-first password manager with built-in email aliasing. AliasVault Android versions 0.24.0 through 0.25.2 contained an issue in how passkey requests from Android apps were validated. Under certain local conditions, a malicious app could attempt to obtain a passkey response for a site it was not authorized to access. The issue involved incomplete validation of calling app identity, origin, and RP ID in the Android credential provider. This issue was fixed in AliasVault Android 0.25.3."
    }
  ],
  "id": "CVE-2026-22694",
  "lastModified": "2026-01-16T15:55:33.063",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 4.2,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-01-14T17:16:08.810",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/aliasvault/aliasvault/commit/b3350473103d6138ab2b63ca130c211717eac67d"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/aliasvault/aliasvault/issues/1440"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/aliasvault/aliasvault/pull/1441"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/aliasvault/aliasvault/releases/tag/0.25.3"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/aliasvault/aliasvault/security/advisories/GHSA-mvg4-wvjv-332q"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-346"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.