Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
8.4 HIGH
CVE-2026-0037 — FFA Memory Corruption Privilege Escalation Vulnerability

In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed…

| Memory Corruption
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
8.4 HIGH
CVE-2026-0035 — Apache MediaProvider Local Privilege Escalation

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of pri…

| Path Traversal
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
8.4 HIGH
CVE-2026-0034 — Apache ManagedServices Local Privilege Escalation

In setPackageOrComponentEnabled of ManagedServices.java, there is a possible notification policy desync due to improper input validation. This could lead to local escalation of privilege with no addi…

| Authorization
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
0.0 NA
CVE-2026-0032 — Apache Memprotect Out-of-Bounds Write Vulnerability

In multiple functions of mem_protect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privile…

| Memory Corruption
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
8.4 HIGH
CVE-2026-0031 — Apache MemProtect Integer Overflow Write Vulnerability

In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges ne…

| Memory Corruption
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
8.4 HIGH
CVE-2026-0030 — Apache Host Check Page State Range Out-of-Bounds Write Vulnerability

In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execut…

| Memory Corruption
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
0.0 NA
CVE-2026-0029 — Apache Pkvm Local Privilege Escalation Vulnerability

In __pkvm_init_vm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. U…

| Memory Corruption
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
8.4 HIGH
CVE-2026-0028 — PKVM Host Guest Out-of-Bounds Write Vulnerability

In __pkvm_host_share_guest of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileg…

| Memory Corruption
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
6.7 MEDIUM
CVE-2026-0027 — ARM SMMU Out-of-Bounds Write Vulnerability

In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User in…

| Memory Corruption
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
7.8 HIGH
CVE-2026-0026 — Apache PermissionManager Local Privilege Escalation

In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege…

| Authorization
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
0.0 NA
CVE-2026-0025 — Apache Notification Java Information Disclosure

In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution…

| Authorization
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
0.0 NA
CVE-2026-0024 — Android MediaProvider Missing Permission Check Information Disclosure

In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information di…

| Information Disclosure
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
0.0 NA
CVE-2026-0023 — Google PackageInstaller Service Local Privilege Escalation

In createSessionInternal of PackageInstallerService.java, there is a possible way for an app to update its ownership due to a missing permission check. This could lead to local escalation of privileg…

| Authorization
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
8.4 HIGH
CVE-2026-0021 — Google Android Confused Deputy Permission Bypass

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additi…

| Authorization
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
8.4 HIGH
CVE-2026-0020 — Android ParsedPermissionUtils parsePermissionGroup Permissions Bypass

In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a permissions bypass. This could lead to local escalation of pri…

| Authorization
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
0.0 NA
CVE-2026-0017 — Apache BiometricService Fingerprint Unlock Privilege Escalation

In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional execut…

| Authorization
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
6.2 MEDIUM
CVE-2026-0015 — Apache AppOpsService Denial of Service Vulnerability

In multiple locations of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution…

| Denial of Service
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
6.2 MEDIUM
CVE-2026-0014 — Android AppOpsService Denial of Service Vulnerability

In isPackageNullOrSystem of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execut…

| Denial of Service
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
8.4 HIGH
CVE-2026-0013 — Google PickActivity Java Confused Deputy Local Privilege Escalation

In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional e…

| Authorization
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
0.0 NA
CVE-2026-0012 — Google Android Contact Name Leak Vulnerability

In setHideSensitive of ExpandableNotificationRow.java, there is a possible contact name leak due due to a logic error in the code. This could lead to local information disclosure with no additional e…

| Information Disclosure
Mar 02, 2026 Mar 02, 2026
Mar 02, 2026
Mar 02, 2026
Showing 20 of 4860 Results