|
1101
|
8.0 |
HIGH
Adjacent
|
google
|
android
|
In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This could lead to local escalati…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0095
|
2026-06-4 02:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1102
|
7.8 |
HIGH
Local
|
google
|
android
|
In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalat…
Update
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-0094
|
2026-06-4 02:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1103
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n…
Update
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-0093
|
2026-06-4 02:00 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1104
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execut…
Update
|
CWE-269
Improper Privilege Management
|
CVE-2026-0091
|
2026-06-4 01:59 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1105
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local escalation of privilege with no a…
Update
|
CWE-269
Improper Privilege Management
|
CVE-2026-0089
|
2026-06-4 01:59 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1106
|
7.8 |
HIGH
Local
|
google
|
android
|
In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with …
Update
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-0088
|
2026-06-4 01:59 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1107
|
7.8 |
HIGH
Local
|
google
|
android
|
In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of p…
Update
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-0087
|
2026-06-4 01:59 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1108
|
6.8 |
MEDIUM
Local
|
google
|
android
|
In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execu…
Update
|
CWE-269
Improper Privilege Management
|
CVE-2026-0086
|
2026-06-4 01:58 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1109
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution priv…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0080
|
2026-06-4 01:58 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1110
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local denial of service with no additional executi…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0079
|
2026-06-4 01:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
