CVE-2026-5682 PUBLISHED

A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

• honest_corrupt (VulDB User) reporter

• VDB-355509 | Meesho Online Shopping App com.meesho.supply endpoint risky encryption
• VDB-355509 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #792717 | Meesho Android Application 27.3 Cryptographic Issue / Improper Encryption
• https://github.com/honestcorrupt/MEESHO-CVE

• Risky Cryptographic Algorithm CWE
• Cryptographic Issues CWE