Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Android Number Of NVD 6904 CRITICAL 484 HIGH 3022 MEDIUM 3149 LOW 241
URL https://www.android.com/
Explanation It is an operating system installed on smartphones provided by Google.
Since it is open source, many manufacturers use it in their smartphones, tablets, and wearable devices.

The support period differs for each development vendor.
After Google provides a security patch, it is up to the vendor to provide the patch to the target devices.
Tag
  • Google
  • Apache License v2.0
  • GPL v2
  • LGPL 2.1+
  • Mobile
Add Information URL
No Type Name URL
1 https://en.wikipedia.org/wiki/Android_version_history
2 https://source.android.com/setup/start/licenses
3 https://source.android.com/security/bulletin/
4 https://developer.android.com/
5 https://developer.android.com/about/versions/
6 https://android-developers.googleblog.com/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
21 Android 14 14.1 Nov. 6, 2024 Aug. 7, 2024 0 3 1 0
22 Android 13 13.4 Aug. 7, 2023 Aug. 15, 2022 15 317 812 67
23 Android 12 12.4 Oct. 17, 2022 Oct. 4, 2020 43 479 1193 106
24 Android 11 11 Sept. 8, 2020 Sept. 8, 2020 58 636 1364 107
25 Android 10 10 Sept. 3, 2019 Sept. 3, 2019 103 680 1055 110
26 Android 9 9 Aug. 6, 2018 Aug. 6, 2018 112 463 331 35
27 Android 8 8.1.0 Dec. 5, 2017 Aug. 21, 2017 144 529 318 25
28 Android 7 7.1.2 April 4, 2017 Aug. 22, 2016 116 627 380 20
29 Android 6 6.0.1 Dec. 7, 2015 Oct. 5, 2015 109 734 397 20
30 Android 5 5.1.1 April 21, 2015 Nov. 12, 2014 67 661 317 16
31 Android 4 4.4.4 June 19, 2014 Oct. 18, 2011 53 577 271 16
32 Android 3 3.2.6 Feb. 1, 2012 Feb. 22, 2011 25 420 174 10
33 Android 2 2.2.3 Nov. 21, 2011 Oct. 26, 2009 25 424 181 12
34 Android 1 1.6 Sept. 15, 2009 Sept. 23, 2008 150 1594 2337 209
35 Android 9.0 9.0 109 441 323 34
36 Android 7.2 7.2 16 61 79 9
37 Android 12.1 12.1 15 229 224 23
38 Android 12.0l 12.0l 0 28 68 9
39 Android 12.0 12.0 43 447 1159 104
40 Android 11.0 11.0 58 636 1364 107
41 Android 10.0 10.0 103 680 1055 110
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
21 5.5
- 		MEDIUM
Local 		In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local denial of service with no additional executi… CWE-190
 Integer Overflow or Wraparound 		CVE-2026-0079 cpe:2.3:o:google:android:16.0:qpr2_beta_3
cpe:2.3:o:google:android:16.0:qpr2_beta_2
cpe:2.3:o:google:android:16.0… 		2026-06-4 01:57
2026-06-2 		Show GitHub Exploit DB Packet Storm
22 7.8
- 		HIGH
Local 		In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with no additional e… CWE-20
 Improper Input Validation  		CVE-2026-0078 cpe:2.3:o:google:android:16.0:qpr2_beta_3
cpe:2.3:o:google:android:16.0:qpr2_beta_2
cpe:2.3:o:google:android:16.0… 		2026-06-4 01:57
2026-06-2 		Show GitHub Exploit DB Packet Storm
23 7.8
- 		HIGH
Local 		In resumeConfigurationDispatch of ActivityRecord.java, there is a possible background application launch (bal) due to a logic error in the code. This could lead to local escalation of privilege with … CWE-693
 Protection Mechanism Failure 		CVE-2026-0077 cpe:2.3:o:google:android:16.0:qpr2_beta_3
cpe:2.3:o:google:android:16.0:qpr2_beta_2
cpe:2.3:o:google:android:16.0… 		2026-06-3 23:16
2026-06-2 		Show GitHub Exploit DB Packet Storm
24 7.8
- 		HIGH
Local 		In validateNode of ResourceTypes.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges… CWE-125
Out-of-bounds Read 		CVE-2026-0076 cpe:2.3:o:google:android:16.0:qpr2_beta_3
cpe:2.3:o:google:android:16.0:qpr2_beta_2
cpe:2.3:o:google:android:16.0… 		2026-06-3 01:16
2026-06-2 		Show GitHub Exploit DB Packet Storm
25 7.8
- 		HIGH
Local 		In multiple functions, there is a possible way to access the contacts database due to a SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed.… CWE-89
SQL Injection 		CVE-2026-0075 cpe:2.3:o:google:android:16.0:qpr2_beta_3
cpe:2.3:o:google:android:16.0:qpr2_beta_2
cpe:2.3:o:google:android:16.0… 		2026-06-3 23:16
2026-06-2 		Show GitHub Exploit DB Packet Storm
26 5.5
- 		MEDIUM
Local 		In getPreferredSize of LauncherProcessImageListener.kt, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution priv… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-0074 cpe:2.3:o:google:android:16.0:qpr2_beta_3
cpe:2.3:o:google:android:16.0:qpr2_beta_2
cpe:2.3:o:google:android:16.0… 		2026-06-3 00:47
2026-06-2 		Show GitHub Exploit DB Packet Storm
27 5.5
- 		MEDIUM
Local 		In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with n… CWE-20
 Improper Input Validation  		CVE-2026-0070 cpe:2.3:o:google:android:16.0:qpr2_beta_3
cpe:2.3:o:google:android:16.0:qpr2_beta_2
cpe:2.3:o:google:android:16.0… 		2026-06-3 00:48
2026-06-2 		Show GitHub Exploit DB Packet Storm
28 5.5
- 		MEDIUM
Local 		In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-0069 cpe:2.3:o:google:android:14.0:* 2026-06-3 03:06
2026-06-2 		Show GitHub Exploit DB Packet Storm
29 5.5
- 		MEDIUM
Local 		In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with n… NVD-CWE-noinfo
CVE-2026-0067 cpe:2.3:o:google:android:16.0:qpr2_beta_3
cpe:2.3:o:google:android:16.0:qpr2_beta_2
cpe:2.3:o:google:android:16.0… 		2026-06-3 22:46
2026-06-2 		Show GitHub Exploit DB Packet Storm
30 5.9
- 		MEDIUM
Local 		In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege wit… CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2026-0061 cpe:2.3:o:google:android:16.0:qpr2_beta_3
cpe:2.3:o:google:android:16.0:qpr2_beta_2
cpe:2.3:o:google:android:16.0… 		2026-06-3 00:48
2026-06-2 		Show GitHub Exploit DB Packet Storm