CVE-2024-13261

VPN vulnerability - Android

High CVSS Score: 8.7 Published: 2026-03-20

Description

A cross-site scripting vulnerability in Android VPN allows attackers to execute arbitrary code. This affects versions through 19.73.1.

Affected Systems

Vendor Android
Product VPN
Affected Versions < 16.98
CWE ID CWE-200

Mitigation

As a workaround, disable the affected feature until a patch is available.

Fix Instructions

1. Update VPN to the latest version
2. Apply vendor patch when available
3. Implement network segmentation
4. Monitor for exploitation attempts

References

Risk Assessment

CVSS: 8.7/10

Exploit Available Unknown
Patch Available Yes

Need Help Patching?

Our security team can help assess and remediate this vulnerability in your environment.

Get Help

Related Vulnerabilities

medium

CVE-2025-56637

VPN...
high

CVE-2024-14296

Browser...
high

CVE-2024-92651

VPN...
low

CVE-2024-43076

CMS...
medium

CVE-2024-78475

VPN...
medium

CVE-2025-49636

VPN...

Stay Ahead of Threats

Subscribe to our vulnerability feed and get instant alerts when new CVEs affect your systems.

Start Monitoring