CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Lawnchair: >> Lawnchair Security Vulnerabilities

CVE-2026-39866

Lawnchair is a free, open-source home app for Android. Prior to commit fcba413f55dd47f8a3921445252849126c6266b2, command injection in release_update.yml workflow dispatch input allows arbitrary code execution. Commit fcba413f55dd47f8a3921445252849126c6266b2 patches the issue.

CVSS Score

7.4

EPSS Score

0.001

Published

2026-04-21

Page 1

Vulnerabilities

Vulnerable Software

Lawnchair: >> Lawnchair Security Vulnerabilities

Products

Pricing

Contact Us