CRITICAL
PayRange
CVE published 2026-07-09
CVE-2026-13461
A critical vulnerability, CVE-2026-13461, was found in the PayRange app version 7.0.7. This vulnerability, when combined with an SSL bypass vulnerability, allows JavaScript injection into a WebView. The injected JavaScript can enable attackers to escape the WebView sandbox and perform dangerous actions on the user's device. The CVE record was published on 2026-07-09T17:16:56.997Z and was last modified on [truncated]