CVE-2026-47782
Deferred - Pending Action
RoboForm Password Manager Intent URL Handling Flaw

Publication date: 2026-05-20

Last updated on: 2026-05-20

Assigner: JPCERT/CC

Description
The Android app "RoboForm Password Manager" provided by Siber Systems, Inc. handles Android intents without sufficient URL validation, user confirmation, or notification. If a URL to a malicious web page is given through an intent, RoboForm may silently download files without user confirmation or notification.
Meta Information
Published: 2026-05-20
Last Modified: 2026-05-20
Generated: 2026-06-10
AI Q&A: 2026-05-21
EPSS Evaluated: 2026-06-09
Affected Vendors & Products
Showing 1 associated CPE
Vendor: siber_systems
Product: roboform_password_manager
Version / Range: *
CWE ID: CWE-357
Description: The user interface provides a warning to a user regarding dangerous or sensitive operations, but the warning is not noticeable enough to warrant attention.
Executive Summary

The vulnerability exists in the Android app "RoboForm Password Manager" by Siber Systems, Inc. The app handles Android intents without properly validating URLs, and it neither requires user confirmation nor provides notification. This means that if a malicious URL is passed to the app through an intent, RoboForm may silently download files without the user's knowledge or consent.

Impact Analysis

This vulnerability can lead to the app downloading potentially malicious files without user awareness or approval. This silent download could expose the user to malware, unwanted software, or other security risks, potentially compromising the device or user data.

Compliance Impact

The provided context does not include any information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

This vulnerability involves the RoboForm Password Manager app handling Android intents without sufficient URL validation, which may allow silent downloading of files from malicious web pages. Detection would involve monitoring for unusual or unauthorized intent activities targeting RoboForm, especially intents that trigger web page openings or file downloads without user interaction.

Since the vulnerability is specific to Android intents and the RoboForm app, detection on a network or system would require monitoring Android device logs or using Android debugging tools to observe intent handling behavior.

No specific commands or detection tools are provided in the available resources.
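
As an added example (not from the advisory, the vendor, or this page's sources), the sketch below shows one way to triage saved `adb logcat` output for the behavior described above: URL-bearing intents delivered to the password manager by a different app. Assumptions: `TARGET_PKG` is a hypothetical placeholder for the installed app's real package name, `TRUSTED_HOSTS` is a constructed allowlist, and the sample lines are constructed, modeled on the `START u0 {...} from uid N` entries that ActivityTaskManager writes.

```python
import re

# Hypothetical placeholder: substitute the installed app's real package name.
TARGET_PKG = "com.example.passwordmanager"
# Constructed allowlist of hosts the app is expected to be opened with.
TRUSTED_HOSTS = {"accounts.example.com"}

# Intent summary logged when an activity is started, plus the calling uid.
START_RE = re.compile(r"START u\d+ \{(?P<intent>[^}]*)\}.*?from uid (?P<uid>\d+)")
FIELD_RE = re.compile(r"\b(act|dat|cmp|pkg)=(\S+)")
URL_RE = re.compile(r"^(?P<scheme>[a-z][a-z0-9+.-]*)://(?P<host>[^/:\s]+)", re.I)

def suspicious_starts(lines, target_uid):
    """Return (caller_uid, scheme, host) for URL intents sent to TARGET_PKG
    by another app, unless the URL is https on an allowlisted host."""
    findings = []
    for line in lines:
        m = START_RE.search(line)
        if not m:
            continue
        fields = dict(FIELD_RE.findall(m.group("intent")))
        component = fields.get("cmp", fields.get("pkg", ""))
        if component.split("/")[0] != TARGET_PKG:
            continue  # intent was delivered to some other app
        url = URL_RE.match(fields.get("dat", ""))
        if not url:
            continue  # no URL payload, e.g. a normal launcher start
        uid = int(m.group("uid"))
        scheme, host = url.group("scheme").lower(), url.group("host").lower()
        trusted = scheme == "https" and host in TRUSTED_HOSTS
        if uid != target_uid and not trusted:
            findings.append((uid, scheme, host))
    return findings

# Constructed sample lines; uid 10250 stands in for the password manager itself.
SAMPLE_LOG = [
    "05-21 10:02:11.120 1432 1501 I ActivityTaskManager: START u0 {act=android.intent.action.VIEW dat=https://files.example.net/... flg=0x10000000 cmp=com.example.passwordmanager/.ui.MainActivity} from uid 10311",
    "05-21 10:03:40.007 1432 1501 I ActivityTaskManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=com.example.passwordmanager/.ui.MainActivity} from uid 10098",
    "05-21 10:04:02.554 1432 1501 I ActivityTaskManager: START u0 {act=android.intent.action.VIEW dat=https://accounts.example.com/... cmp=com.example.passwordmanager/.ui.MainActivity} from uid 10311",
    "05-21 10:05:17.300 1432 1501 I ActivityTaskManager: START u0 {act=android.intent.action.VIEW dat=http://accounts.example.com/... cmp=com.example.passwordmanager/.ui.MainActivity} from uid 10311",
    "05-21 10:06:30.910 1432 1501 I ActivityTaskManager: START u0 {act=android.intent.action.VIEW dat=https://files.example.net/... cmp=com.example.browser/.Main} from uid 10311",
    "05-21 10:07:45.018 1432 1501 I ActivityTaskManager: START u0 {act=android.intent.action.VIEW dat=https://files.example.net/... cmp=com.example.passwordmanager/.ui.MainActivity} from uid 10250",
]

if __name__ == "__main__":
    for uid, scheme, host in suspicious_starts(SAMPLE_LOG, target_uid=10250):
        print(f"review: uid {uid} sent {scheme}://{host} to {TARGET_PKG}")
```

Each finding is a lead for review, not proof of exploitation; map the reported uid back to its package on the device before drawing conclusions.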

Mitigation Strategies

The recommended immediate step to mitigate this vulnerability is to update the RoboForm Password Manager app to the latest version, as the issue affects versions 9.8.6.3 and earlier.

Updating the app ensures that fixes addressing the insufficient URL validation and intent handling are applied, preventing malicious apps from silently downloading files via crafted intents.
