Vendor
A relay attack vulnerability, tracked as CVE-2026-33697, exists in the attested TLS (aTLS) implementation of Cocos AI, versions v0.4.0 through v0.8.2, allowing attackers to impersonate a legitimate service and potentially access sensitive data.