← Back

Peloton

peloton

Vendor: Onepeloton • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Onepeloton
1Peloton
Jun 17, 2026
Oct 25, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile application up to and including version 1.7.22 allows a remote attacker to access developer files stored in an AWS S3 bucket...Show more
Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile application up to and including version 1.7.22 allows a remote attacker to access developer files stored in an AWS S3 bucket, by reading credentials stored in plain text within the mobile application.Show less