PatchSiren

PayRange CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL PayRange CVE published 2026-07-09

CVE-2026-13461

A critical vulnerability, CVE-2026-13461, was found in the PayRange app version 7.0.7. This vulnerability, when combined with an SSL bypass vulnerability, allows JavaScript injection into a WebView. The injected JavaScript can enable attackers to escape the WebView sandbox and perform dangerous actions on the user's device. The CVE record was published on 2026-07-09T17:16:56.997Z and was last modified on [truncated]