Browse all 3 CVE security advisories affecting Mercari, Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mercari operates a peer-to-peer e-commerce platform facilitating secondhand goods transactions between buyers and sellers. Historically, the company has reported vulnerabilities including cross-site scripting (XSS) and remote code execution (RCE) flaws, often stemming from improper input validation and insecure API implementations. Privilege escalation vulnerabilities have also been documented in their systems. While no major public security incidents have been widely reported, the presence of three CVEs indicates ongoing security challenges typical of web-based marketplaces handling user transactions and personal data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-23388 | Mercari 安全漏洞 — "Mercari" App for Android | 6.1 | - | 2024-01-26 |
| CVE-2021-20835 | Office Server Document Converter 安全漏洞 — Android App 'Mercari (Merpay) - Marketplace and Mobile Payments App' (Japan version) | 7.5 | - | 2021-11-24 |
| CVE-2020-5604 | Mercari 注入漏洞 — Android App 'Mercari' (Japan version) | 8.1 | - | 2020-07-09 |
This page lists every published CVE security advisory associated with Mercari, Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.