Google Android vulnerabilities

CVE-2026-0118 [HIGH] CWE-693 CVE-2026-0118: In oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could le In oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0122 [HIGH] CWE-787 CVE-2026-0122: In multiple places, there is a possible out of bounds write due to memory corruption. This could lea In multiple places, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-36920 [HIGH] CWE-20 CVE-2025-36920: In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to impr In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0107 [HIGH] CWE-441 CVE-2026-0107: In gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c, there is a possible escalation of privileges due to a In gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c, there is a possible escalation of privileges due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0117 [HIGH] CWE-787 CVE-2026-0117: In mfc_dec_dqbuf of mfc_dec_v4l2.c, there is a possible out of bounds write due to an incorrect boun In mfc_dec_dqbuf of mfc_dec_v4l2.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0119 [MEDIUM] CWE-787 CVE-2026-0119: In usim_SendMCCMNCIndMsg of usim_Registration.c, there is a possible out of bounds write due to memo In usim_SendMCCMNCIndMsg of usim_Registration.c, there is a possible out of bounds write due to memory corruption. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0108 [MEDIUM] CWE-284 CVE-2026-0108: The register protection of the PowerVR GPU is incorrectly configured. This could lead to local infor The register protection of the PowerVR GPU is incorrectly configured. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0121 [LOW] CWE-362 CVE-2026-0121: In VPU, there is a possible use-after-free read due to a race condition. This could lead to local in In VPU, there is a possible use-after-free read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0115 [LOW] CWE-1300 CVE-2026-0115: In Trusted Execution Environment, there is a possible key leak due to side channel information discl In Trusted Execution Environment, there is a possible key leak due to side channel information disclosure. This could lead to physical information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2025-61615 [HIGH] CWE-20 CVE-2025-61615: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

CVE-2025-61614 [HIGH] CWE-20 CVE-2025-61614: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

CVE-2025-61613 [HIGH] CWE-20 CVE-2025-61613: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

CVE-2025-61616 [HIGH] CWE-20 CVE-2025-61616: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

CVE-2025-69279 [HIGH] CWE-20 CVE-2025-69279: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

CVE-2025-69278 [HIGH] CWE-20 CVE-2025-69278: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

CVE-2025-61612 [HIGH] CWE-20 CVE-2025-61612: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

CVE-2026-0006 [CRITICAL] CWE-122 CVE-2026-0006: In multiple locations, there is a possible out of bounds read and write due to a heap buffer overflo In multiple locations, there is a possible out of bounds read and write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48609 [CRITICAL] CWE-400 CVE-2025-48609: In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2025-48653 [HIGH] CWE-693 CVE-2025-48653: In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due t In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0037 [HIGH] CWE-787 CVE-2026-0037: In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the co In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.