CVE-2026-0082
— Android NFC Dispatcher: Privilege Escalation via Insecure Permission Assignment
In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege wi…
Jun 17, 2026
Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
CVE-2026-0081
— NFC Spoofing Leading to Local Privilege Escalation
In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interact…
Jun 17, 2026
Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
In SettingsLib, there is a possible missing permission check due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User in…
Jun 17, 2026
Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
CVE-2026-0068
— PackageInstallerService DPC Uninstallation Privilege Escalation
In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to lo…
Jun 17, 2026
Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User intera…
android
|
Remote
|
Denial of Service
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2026-0063
— Google Android PhoneInterfaceManager Improper Checkstone Privilege Escalation
In setAllowedCarriers of PhoneInterfaceManager.java, there is a possible way to disable carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with no…
Jun 17, 2026
Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with…
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed.…
Jun 17, 2026
Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
CVE-2025-69179
— WordPress Support Ticket Management System plugin <= 1.9 - Privilege Escalation vulnerabi…
Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions.
Remote
|
Authorization
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69178
— WordPress Truemag theme <= 4.3.14.2 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69177
— WordPress Roneous theme <= 2.1.5 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69176
— WordPress ITactics theme <= 1.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in ITactics <= 1.0 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69173
— WordPress Tipsy theme <= 1.1 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69172
— WordPress Resurs theme <= 1.3 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Resurs <= 1.3 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69171
— WordPress Orpheus theme <= 1.3 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Orpheus <= 1.3 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69168
— WordPress Spike theme <= 1.2 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Spike <= 1.2 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69167
— WordPress Eros theme <= 1.3 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Eros <= 1.3 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69165
— WordPress Choreo theme <= 1.6 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Choreo <= 1.6 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69163
— WordPress WineShop theme <= 3.17 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in WineShop <= 3.17 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69162
— WordPress Grecko theme <= 5.17 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Grecko <= 5.17 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026