CVE-2026-10510

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Jun 02, 2026

Vendor unknown

Description

Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted web_action_data URL parameter.

References

https://security.tecno.com/SRC/securityUpdates