CVE-2026-4741 HIGH

CVE-2026-4741: Path Traversal Vulnerability in TeamJCD/JoyConDroid

Vendor Teamjcd
Product JoyConDroid
Weakness CWE-22 · Path traversal
Published March 24, 2026
Last update March 24, 2026

CVSS base score

8.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/S:N/AU:Y/R:U/V:D/RE:L/U:Amber

What the vulnerability does

01Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TeamJCD JoyConDroid (app/src/main/java/com/rdapps/gamepad/util modules). This vulnerability is associated with program files UnzipUtil.Java‎. This issue affects JoyConDroid: through 1.0.93.

Key dates

02Disclosure timeline

March 24, 2026 CVE published
March 24, 2026 Record updated