PatchSiren cyber security CVE debrief
CVE-2026-47782 Siber Systems, Inc. CVE debrief
CVE-2026-47782 is a medium-severity Android issue in RoboForm Password Manager where an intent-delivered URL may be handled without enough validation, confirmation, or user notification. According to the NVD description, a malicious web page URL passed through an intent could lead RoboForm to silently download files. The public record ties the weakness to CWE-357 and shows no KEV listing in the supplied corpus.
- Vendor: Siber Systems, Inc.
- Product: Android App "RoboForm Password Manager"
- CVSS: MEDIUM 4.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-20
- Original CVE updated: 2026-05-21
- Advisory published: 2026-05-20
- Advisory updated: 2026-05-21
Who should care
Android security teams, mobile device managers, and users or administrators deploying RoboForm Password Manager on managed Android devices should pay attention, especially where the app may receive untrusted intents or URLs from other apps.
Technical summary
The NVD record describes insufficient URL validation and missing user confirmation/notification in RoboForm Password Manager’s Android intent handling. The supplied CVSS v4.0 vector is AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N, indicating a low-complexity issue that requires user interaction and results in low integrity impact. The published references include a JVN advisory page and a vendor Android news page, but the supplied corpus does not include exploit details or evidence of active exploitation.
Defensive priority
Medium; prioritize for Android environments that use RoboForm, especially if the app is present on managed devices or may process untrusted external intents.
Recommended defensive actions
- Review how RoboForm is deployed on Android devices and determine whether it is exposed to untrusted intent sources.
- Apply vendor updates or mitigations referenced in the official RoboForm Android news page and any associated advisory guidance.
- Restrict or monitor app-to-app intent flows on managed Android devices where practical.
- Educate users and support teams to treat unexpected file downloads in RoboForm as suspicious and to verify app updates.
- Track this CVE in vulnerability management systems, but do not treat it as a KEV item based on the supplied corpus.
Evidence notes
The supplied NVD record states that RoboForm Password Manager for Android handles intents without sufficient URL validation, user confirmation, or notification, and that a malicious URL delivered through an intent may cause silent file downloads. NVD assigns CVSS 4.0 AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N and lists CWE-357 as the primary weakness. References provided in the corpus point to a JVN advisory, the Google Play listing, and the vendor’s Android news page.
Official resources
Publicly disclosed on 2026-05-20 in the supplied NVD record, with same-day supporting references to JVN and vendor Android information. The supplied corpus does not indicate a KEV listing or known ransomware use.