CVE-2026-13462 PUBLISHED

PayRange for Android, version 7.0.7, contains an SSL bypass vulnerability

Assigner: certcc
Reserved: 26.06.2026 Published: 09.07.2026 Updated: 09.07.2026

PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends.

Product Status

Vendor PayRange
Product PayRange
Versions
  • Version 7.0.7 is affected

References

Problem Types

  • CWE-295: Improper Certificate Validation