Android App "Spoon" provided by Spoon Radio Japan Inc. uses a hard-coded API key for an external service (CWE-798). ## Impact The hard-coded API key may be retrieved when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service. Note that the application users are not directly affected by this vulnerability. ## Solution Update the Application Update the application to the latest version according to the information provided by the developer. This vulnerability has been fixed in Android Spoon application version 8.6.1 or later. ## Products Affected Android Spoon application version 7.11.1 to…Read More