Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    317 vulnerabilities

    CVE-2026-0165 (GCVE-0-2026-0165)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 19:32
    VLAI
    Summary
    In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0165",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T19:32:06.697409Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T19:32:34.212Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:35.648Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0165",
        "datePublished": "2026-06-16T18:51:35.648Z",
        "dateReserved": "2025-10-23T08:45:05.889Z",
        "dateUpdated": "2026-06-16T19:32:34.212Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0164 (GCVE-0-2026-0164)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0164",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:05.780Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:34.703Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0164",
        "datePublished": "2026-06-16T18:51:34.703Z",
        "dateReserved": "2025-10-23T08:45:04.193Z",
        "dateUpdated": "2026-06-17T03:56:05.780Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0162 (GCVE-0-2026-0162)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Denial of service
    • CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0162",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-843",
                    "description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:06.893Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of service",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:33.759Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0162",
        "datePublished": "2026-06-16T18:51:33.759Z",
        "dateReserved": "2025-10-23T08:45:00.415Z",
        "dateUpdated": "2026-06-17T03:56:06.893Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0161 (GCVE-0-2026-0161)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of privilege
    • CWE-190 - Integer Overflow or Wraparound
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0161",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-190",
                    "description": "CWE-190 Integer Overflow or Wraparound",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:07.984Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:32.814Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0161",
        "datePublished": "2026-06-16T18:51:32.814Z",
        "dateReserved": "2025-10-23T08:44:58.789Z",
        "dateUpdated": "2026-06-17T03:56:07.984Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0160 (GCVE-0-2026-0160)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0160",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:09.059Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:31.835Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0160",
        "datePublished": "2026-06-16T18:51:31.835Z",
        "dateReserved": "2025-10-23T08:44:57.549Z",
        "dateUpdated": "2026-06-17T03:56:09.059Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0158 (GCVE-0-2026-0158)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 19:48
    VLAI
    Summary
    In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-862 - Missing Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 3.3,
                  "baseSeverity": "LOW",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0158",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T19:47:56.236593Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-862",
                    "description": "CWE-862 Missing Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T19:48:33.517Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:30.869Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0158",
        "datePublished": "2026-06-16T18:51:30.869Z",
        "dateReserved": "2025-10-23T08:44:54.695Z",
        "dateUpdated": "2026-06-16T19:48:33.517Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0157 (GCVE-0-2026-0157)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 20:30
    VLAI
    Summary
    In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-125 - Out-of-bounds Read
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0157",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T19:48:43.570340Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T20:30:32.471Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:29.902Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0157",
        "datePublished": "2026-06-16T18:51:29.902Z",
        "dateReserved": "2025-10-23T08:44:53.142Z",
        "dateUpdated": "2026-06-16T20:30:32.471Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0156 (GCVE-0-2026-0156)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-07-06 14:39
    VLAI
    Summary
    In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Denial of service
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0156",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T19:50:13.186722Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-476",
                    "description": "CWE-476 NULL Pointer Dereference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-06T14:39:15.708Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of service",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:28.954Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0156",
        "datePublished": "2026-06-16T18:51:28.954Z",
        "dateReserved": "2025-10-23T08:44:51.869Z",
        "dateUpdated": "2026-07-06T14:39:15.708Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0155 (GCVE-0-2026-0155)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 20:30
    VLAI
    Summary
    In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-125 - Out-of-bounds Read
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0155",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T19:50:49.744680Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T20:30:57.394Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:27.991Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0155",
        "datePublished": "2026-06-16T18:51:27.991Z",
        "dateReserved": "2025-10-23T08:44:49.025Z",
        "dateUpdated": "2026-06-16T20:30:57.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0154 (GCVE-0-2026-0154)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In Modem, there is a possible way to trigger a modem crash during a SIP REFER request due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0154",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:10.176Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Modem, there is a possible way to trigger a modem crash during a SIP REFER request due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:27.000Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0154",
        "datePublished": "2026-06-16T18:51:27.000Z",
        "dateReserved": "2025-10-23T08:44:05.072Z",
        "dateUpdated": "2026-06-17T03:56:10.176Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0153 (GCVE-0-2026-0153)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 11:09
    VLAI
    Summary
    In Write of msg_to_host_buffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of privilege
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0153",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-17T03:56:28.589036Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T11:09:47.963Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Write of msg_to_host_buffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:26.014Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0153",
        "datePublished": "2026-06-16T18:51:26.014Z",
        "dateReserved": "2025-10-23T08:44:03.771Z",
        "dateUpdated": "2026-06-17T11:09:47.963Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0152 (GCVE-0-2026-0152)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of privilege
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0152",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:11.260Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:25.038Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0152",
        "datePublished": "2026-06-16T18:51:25.038Z",
        "dateReserved": "2025-10-23T08:44:02.053Z",
        "dateUpdated": "2026-06-17T03:56:11.260Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0151 (GCVE-0-2026-0151)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In IntfGraphCreate of intfgraph.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-190 - Integer Overflow or Wraparound
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0151",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-190",
                    "description": "CWE-190 Integer Overflow or Wraparound",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:12.373Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In IntfGraphCreate of intfgraph.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:24.093Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0151",
        "datePublished": "2026-06-16T18:51:24.093Z",
        "dateReserved": "2025-10-23T08:44:00.676Z",
        "dateUpdated": "2026-06-17T03:56:12.373Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0150 (GCVE-0-2026-0150)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of privilege
    • CWE-190 - Integer Overflow or Wraparound
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0150",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-190",
                    "description": "CWE-190 Integer Overflow or Wraparound",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:13.449Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:23.135Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0150",
        "datePublished": "2026-06-16T18:51:23.135Z",
        "dateReserved": "2025-10-23T08:43:58.901Z",
        "dateUpdated": "2026-06-17T03:56:13.449Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0149 (GCVE-0-2026-0149)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-122 - Heap-based Buffer Overflow
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0149",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-122",
                    "description": "CWE-122 Heap-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:14.554Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:22.184Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0149",
        "datePublished": "2026-06-16T18:51:22.184Z",
        "dateReserved": "2025-10-23T08:43:57.569Z",
        "dateUpdated": "2026-06-17T03:56:14.554Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0148 (GCVE-0-2026-0148)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-190 - Integer Overflow or Wraparound
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0148",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-190",
                    "description": "CWE-190 Integer Overflow or Wraparound",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:15.659Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:21.239Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0148",
        "datePublished": "2026-06-16T18:51:21.239Z",
        "dateReserved": "2025-10-23T08:43:56.098Z",
        "dateUpdated": "2026-06-17T03:56:15.659Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0147 (GCVE-0-2026-0147)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In __mfc_core_nal_q_get_dec_metadata_sei_nal of mfc_core_nal_q.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0147",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:16.756Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In __mfc_core_nal_q_get_dec_metadata_sei_nal of mfc_core_nal_q.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:20.268Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0147",
        "datePublished": "2026-06-16T18:51:20.268Z",
        "dateReserved": "2025-10-23T08:43:54.592Z",
        "dateUpdated": "2026-06-17T03:56:16.756Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0146 (GCVE-0-2026-0146)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In mfc_core_get_dec_metadata_sei_nal of mfc_core_reg_api.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0146",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:17.842Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In mfc_core_get_dec_metadata_sei_nal of mfc_core_reg_api.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:19.294Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0146",
        "datePublished": "2026-06-16T18:51:19.294Z",
        "dateReserved": "2025-10-23T08:43:53.321Z",
        "dateUpdated": "2026-06-17T03:56:17.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0145 (GCVE-0-2026-0145)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 20:12
    VLAI
    Summary
    In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-862 - Missing Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 3.3,
                  "baseSeverity": "LOW",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0145",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T20:12:18.977713Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-862",
                    "description": "CWE-862 Missing Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T20:12:21.183Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:18.317Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0145",
        "datePublished": "2026-06-16T18:51:18.317Z",
        "dateReserved": "2025-10-23T08:43:52.210Z",
        "dateUpdated": "2026-06-16T20:12:21.183Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0144 (GCVE-0-2026-0144)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 20:12
    VLAI
    Summary
    In writeAocCommand of AocAudioCodec.cpp, there is a possible memory safety issue due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Denial of service
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0144",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T20:12:31.457074Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T20:12:58.629Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In writeAocCommand of AocAudioCodec.cpp, there is a possible memory safety issue due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of service",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:17.365Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0144",
        "datePublished": "2026-06-16T18:51:17.365Z",
        "dateReserved": "2025-10-23T08:43:50.891Z",
        "dateUpdated": "2026-06-16T20:12:58.629Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0143 (GCVE-0-2026-0143)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In lwis_device_external_event_emit of lwis_event.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of privilege
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0143",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:18.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In lwis_device_external_event_emit of lwis_event.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:16.389Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0143",
        "datePublished": "2026-06-16T18:51:16.389Z",
        "dateReserved": "2025-10-23T08:43:49.406Z",
        "dateUpdated": "2026-06-17T03:56:18.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0142 (GCVE-0-2026-0142)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 20:52
    VLAI
    Summary
    In iavb_parse_key_data of avb_rsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-125 - Out-of-bounds Read
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 3.3,
                  "baseSeverity": "LOW",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0142",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T20:51:57.297248Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-20",
                    "description": "CWE-20 Improper Input Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T20:52:00.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In iavb_parse_key_data of avb_rsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:15.431Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0142",
        "datePublished": "2026-06-16T18:51:15.431Z",
        "dateReserved": "2025-10-23T08:43:48.111Z",
        "dateUpdated": "2026-06-16T20:52:00.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0141 (GCVE-0-2026-0141)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 20:33
    VLAI
    Summary
    In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0141",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T20:15:38.072359Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T20:33:14.687Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:14.490Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0141",
        "datePublished": "2026-06-16T18:51:14.490Z",
        "dateReserved": "2025-10-23T08:43:46.842Z",
        "dateUpdated": "2026-06-16T20:33:14.687Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0140 (GCVE-0-2026-0140)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 20:33
    VLAI
    Summary
    In RtpPacket::decodePacket, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-190 - Integer Overflow or Wraparound
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T20:16:08.469737Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-190",
                    "description": "CWE-190 Integer Overflow or Wraparound",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T20:33:54.122Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In RtpPacket::decodePacket, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:13.545Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0140",
        "datePublished": "2026-06-16T18:51:13.545Z",
        "dateReserved": "2025-10-23T08:43:45.280Z",
        "dateUpdated": "2026-06-16T20:33:54.122Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0139 (GCVE-0-2026-0139)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0139",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:22.238Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:12.578Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0139",
        "datePublished": "2026-06-16T18:51:12.578Z",
        "dateReserved": "2025-10-23T08:43:43.651Z",
        "dateUpdated": "2026-06-17T03:56:22.238Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0138 (GCVE-0-2026-0138)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In lwis_io_buffer_write of lwis_io_buffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of privilege
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0138",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:21.152Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In lwis_io_buffer_write of lwis_io_buffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:11.620Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0138",
        "datePublished": "2026-06-16T18:51:11.620Z",
        "dateReserved": "2025-10-23T08:43:42.415Z",
        "dateUpdated": "2026-06-17T03:56:21.152Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0137 (GCVE-0-2026-0137)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In edgetpu_sync_fence_group_shutdown() of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of privilege
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0137",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:20.060Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In edgetpu_sync_fence_group_shutdown() of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:10.670Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0137",
        "datePublished": "2026-06-16T18:51:10.670Z",
        "dateReserved": "2025-10-23T08:43:41.241Z",
        "dateUpdated": "2026-06-17T03:56:20.060Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0136 (GCVE-0-2026-0136)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 20:36
    VLAI
    Summary
    In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Denial of service
    • CWE-125 - Out-of-bounds Read
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0136",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T20:17:45.417702Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T20:36:48.026Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of service",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:09.716Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0136",
        "datePublished": "2026-06-16T18:51:09.716Z",
        "dateReserved": "2025-10-23T08:43:40.068Z",
        "dateUpdated": "2026-06-16T20:36:48.026Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0135 (GCVE-0-2026-0135)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-17 03:56
    VLAI
    Summary
    In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote code execution
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0135",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T03:56:28.893Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote code execution",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:08.740Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0135",
        "datePublished": "2026-06-16T18:51:08.740Z",
        "dateReserved": "2025-10-23T08:43:38.810Z",
        "dateUpdated": "2026-06-17T03:56:28.893Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0134 (GCVE-0-2026-0134)

    Vulnerability from cvelistv5 – Published: 2026-06-16 18:51 – Updated: 2026-06-16 20:51
    VLAI
    Summary
    In PostWipeData of recovery_ui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Information disclosure
    • CWE-1188 - Initialization of a Resource with an Insecure Default
    Assigner
    Impacted products
    Vendor Product Version
    Google Android Affected: Android kernel
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 3.3,
                  "baseSeverity": "LOW",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0134",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T20:51:08.278432Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1188",
                    "description": "CWE-1188 Initialization of a Resource with an Insecure Default",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T20:51:12.261Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Android",
              "vendor": "Google",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In PostWipeData of recovery_ui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information disclosure",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-16T18:51:07.769Z",
            "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
            "shortName": "Google_Devices"
          },
          "references": [
            {
              "url": "https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.7.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "assignerShortName": "Google_Devices",
        "cveId": "CVE-2026-0134",
        "datePublished": "2026-06-16T18:51:07.769Z",
        "dateReserved": "2025-10-23T08:43:37.055Z",
        "dateUpdated": "2026-06-16T20:51:12.261Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }