Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.8 MEDIUM
CVE-2026-0048 — Window.java Tapjacking Leading to Privilege Escalation

In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no addition…

android | Misconfiguration
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
6.2 MEDIUM
CVE-2026-0046 — Letterbox InputInterceptor Tapjacking Local Privilege Escalation

In InputInterceptor of Letterbox.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no…

android | Authorization
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
7.8 HIGH
CVE-2026-0045 — Broadcom Bluetooth Bonding Bypass Privilege Escalation

In bta_jv_rfcomm_connect of bta_jv_act.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no add…

android | Authentication
Jun 01, 2026 Jun 03, 2026
Jun 01, 2026
Jun 03, 2026
6.5 MEDIUM
CVE-2026-0044 — UBSan Integer Overflow Denial of Service

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional ex…

android | Remote | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
5.5 MEDIUM
CVE-2026-0043 — UBSan Integer Overflow Persistent Denial of Service

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional e…

android | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
5.5 MEDIUM
CVE-2026-0042 — UBSan Persistent Denial of Service

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional executi…

android | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
6.5 MEDIUM
CVE-2026-0041 — UBSan Integer Overflow Denial of Service

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible UBSan failure due to an integer overflow. This could lead to remote denial of service with no additional execution privileges …

android | Remote | Memory Corruption
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
6.5 MEDIUM
CVE-2026-0040 — UBSan Integer Overflow Denial of Service

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution priv…

android | Remote | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
6.5 MEDIUM
CVE-2026-0039 — UBSan Integer Overflow Denial of Service

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to remote denial of service with no additional execut…

android | Remote | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
7.8 HIGH
CVE-2026-0036 — Android StageCoordinator Tapjacking

In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution priv…

android | Misconfiguration
Jun 01, 2026 Jun 03, 2026
Jun 01, 2026
Jun 03, 2026
5.5 MEDIUM
CVE-2026-0018 — AccessibilityManagerService Persistent Denial of Service

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additi…

android | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
3.3 LOW
CVE-2026-0016 — CredentialManagerService: Local Information Disclosure via Permissions Bypass

In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disc…

android | Authorization
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
7.8 HIGH
CVE-2026-0009 — Android Tapjacking Local Privilege Escalation

In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti…

android | Authorization
Jun 01, 2026 Jun 03, 2026
Jun 01, 2026
Jun 03, 2026
7.8 HIGH
CVE-2025-48652 — MDM Policy Bypass Leading to Local Privilege Escalation

In performPreInstallChecks of InstallRepository.kt, there is a possible way to bypass MDM policy due to a logic error in the code. This could lead to local escalation of privilege with no additional …

android | Authorization
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
7.8 HIGH
CVE-2025-48649 — Microsoft Windows Permissions Bypass Leading to Local Privilege Escalation

In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of privilege with no additional execution…

android | Authorization
Jun 01, 2026 Jun 03, 2026
Jun 01, 2026
Jun 03, 2026
5.5 MEDIUM
CVE-2025-48648 — Android NotificationManagerService Persistent Denial of Service

In isSameApp of NotificationManagerService.java, there is a possible persistent dos due to resource exhaustion. This could lead to local denial of service with no additional execution privileges need…

android | Denial of Service
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
3.3 LOW
CVE-2025-48616 — KeyguardViewMediator Local Lockdown Bypass

In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclos…

android | Information Disclosure
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
8.4 HIGH
CVE-2025-48595 — Android Framework Integer Overflow Vulnerability - [Actively Exploited]

In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. U…

android | CISA KEV | Memory Corruption
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
7.8 HIGH
CVE-2025-48570 — PipTaskOrganizer Confused Deputy Activity Launch Vulnerability

In multiple functions of PipTaskOrganizer.java, there is a possible way to launch an activity from the background due to a confused deputy. This could lead to local escalation of privilege with no ad…

android | Authorization
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
7.8 HIGH
CVE-2025-32348 — Android System Privilege Escalation

In multiple locations, there is a possible background activity launch due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges neede…

android | Authorization
Jun 01, 2026 Jun 02, 2026
Jun 01, 2026
Jun 02, 2026
Showing 20 of 7360 Results