Google Android vulnerabilities

CVE-2026-0049 [MEDIUM] CWE-400 CVE-2026-0049: In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48651 CVE-2025-48651: In importWrappedKey of KMKeymasterApplet.java, there is a possible way access keys that should be re In importWrappedKey of KMKeymasterApplet.java, there is a possible way access keys that should be restricted due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0114 [CRITICAL] CWE-787 CVE-2026-0114: In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0124 [CRITICAL] CWE-787 CVE-2026-0124: There is a possible out of bounds write due to a missing bounds check. This could lead to local esca There is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0111 [CRITICAL] CWE-787 CVE-2026-0111: In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrec In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0116 [CRITICAL] CWE-787 CVE-2026-0116: In __mfc_handle_released_buf of mfc_core_isr.c, there is a possible out of bounds write due to a mis In __mfc_handle_released_buf of mfc_core_isr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0120 [CRITICAL] CWE-787 CVE-2026-0120: In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0113 [CRITICAL] CWE-787 CVE-2026-0113: In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrec In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0110 [CRITICAL] CWE-120 CVE-2026-0110: In MM_DATA_IND of cn_NrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This c In MM_DATA_IND of cn_NrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0118 [HIGH] CWE-693 CVE-2026-0118: In oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could le In oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48611 [CRITICAL] CWE-120 CVE-2025-48611: In DeviceId of DeviceId.java, there is a possible desync in persistence due to a missing bounds chec In DeviceId of DeviceId.java, there is a possible desync in persistence due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0122 [HIGH] CWE-787 CVE-2026-0122: In multiple places, there is a possible out of bounds write due to memory corruption. This could lea In multiple places, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0107 [HIGH] CWE-441 CVE-2026-0107: In gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c, there is a possible escalation of privileges due to a In gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c, there is a possible escalation of privileges due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0109 [HIGH] CWE-754 CVE-2026-0109: In dhd_tcpdata_info_get of dhd_ip.c, there is a possible Denial of Service due to a precondition che In dhd_tcpdata_info_get of dhd_ip.c, there is a possible Denial of Service due to a precondition check failure. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0112 [HIGH] CWE-362 CVE-2026-0112: In vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This co In vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0123 [HIGH] CWE-787 CVE-2026-0123: In EfwApTransport::ProcessRxRing of efw_ap_transport.cc, there is a possible out of bounds write due In EfwApTransport::ProcessRxRing of efw_ap_transport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0117 [HIGH] CWE-787 CVE-2026-0117: In mfc_dec_dqbuf of mfc_dec_v4l2.c, there is a possible out of bounds write due to an incorrect boun In mfc_dec_dqbuf of mfc_dec_v4l2.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-36920 [HIGH] CWE-20 CVE-2025-36920: In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to impr In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0108 [MEDIUM] CWE-284 CVE-2026-0108: The register protection of the PowerVR GPU is incorrectly configured. This could lead to local infor The register protection of the PowerVR GPU is incorrectly configured. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0119 [MEDIUM] CWE-787 CVE-2026-0119: In usim_SendMCCMNCIndMsg of usim_Registration.c, there is a possible out of bounds write due to memo In usim_SendMCCMNCIndMsg of usim_Registration.c, there is a possible out of bounds write due to memory corruption. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.