Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
8.0 HIGH
CVE-2026-0095 — Broadcom Bluetooth Heap Corruption Leading to Privilege Escalation

In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This could lead to local escalati…

android | Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
7.8 HIGH
CVE-2026-0094 — KeyChainActivity: Privilege Escalation via Malicious Certificate Access

In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalat…

android | Authentication
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
7.8 HIGH
CVE-2026-0093 — Microsoft Windows Misleading UI Local Privilege Escalation

In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n…

android | Misconfiguration
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
7.8 HIGH
CVE-2026-0091 — Microsoft Launcher Privilege Escalation

In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execut…

android | Authorization
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
7.8 HIGH
CVE-2026-0089 — PackageInstallerService: Privilege Escalation via Unverified App Installation

In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local escalation of privilege with no a…

android | Authorization
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
0.0 NA
CVE-2026-0088 — Android Installer: UI Confusion Allows Privilege Escalation

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with …

android | Authorization
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
0.0 NA
CVE-2026-0087 — App: DomainVerificationService: Arbitrary App Link Hijacking Leading to Local Privilege E…

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of p…

android | Authorization
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
0.0 NA
CVE-2026-0086 — Android DisableSupervisionActivity Local Privilege Escalation

In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execu…

android | Authorization
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
5.5 MEDIUM
CVE-2026-0085 — Atlassian Confluence DataCenter/Server Denial of Service

In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local denial of service with no addition…

android | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
6.5 MEDIUM
CVE-2026-0080 — UBSan Integer Overflow Denial of Service

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution priv…

android | Remote | Memory Corruption
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
5.5 MEDIUM
CVE-2026-0079 — UBSan Persistent Denial of Service

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local denial of service with no additional executi…

android | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
0.0 NA
CVE-2026-0078 — Android Local Privilege Escalation via DevicePolicyManagerService Proxy Desync

In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with no additional e…

android | Misconfiguration
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
0.0 NA
CVE-2026-0077 — Android ResumeConfigurationDispatch Privilege Escalation

In resumeConfigurationDispatch of ActivityRecord.java, there is a possible background application launch (bal) due to a logic error in the code. This could lead to local escalation of privilege with …

android | Authorization
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
0.0 NA
CVE-2026-0076 — Microsoft Windows ResourceTypes: Out-of-Bounds Read

In validateNode of ResourceTypes.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges…

android | Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
0.0 NA
CVE-2026-0075 — Google Contacts SQL Injection

In multiple functions, there is a possible way to access the contacts database due to a SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed.…

android | Injection
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
5.5 MEDIUM
CVE-2026-0074 — LauncherProcessImageListener Denial of Service

In getPreferredSize of LauncherProcessImageListener.kt, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution priv…

android | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
5.5 MEDIUM
CVE-2026-0070 — DevicePolicyManagerService Local Denial of Service via Package Hiding

In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with n…

android | Misconfiguration
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
5.5 MEDIUM
CVE-2026-0069 — Apache Commons IO Denial of Service

In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed…

android | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
5.5 MEDIUM
CVE-2026-0067 — UBSan Logic Error Local Denial of Service

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with n…

android | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
0.0 NA
CVE-2026-0061 — Android WindowState Tapjacking Vulnerability

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege wit…

android | Authorization
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
Showing 20 of 7006 Results