PatchSiren

iAI Lab CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW iAI Lab CVE published 2026-06-06

CVE-2026-11411

A path traversal vulnerability has been discovered in iAI Lab PDF AI App 4.21.0 on Android. The vulnerability affects the chatpdf.pro component, specifically the getExternalCacheDir function. An attacker can manipulate the _display_name argument to traverse the file system. This attack requires a local approach. The CVSS score for this vulnerability is 1.9, indicating a low severity.