CVE Database

108856+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-0100
7.8 HIGH

In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of …

Jun 1, 2026
CVE-2026-0099
7.8 HIGH

In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity from the background due to a logic error in the code. This …

Jun 1, 2026
CVE-2026-0098
7.8 HIGH

In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restrictions due to a confused deputy. This could lead to local escalation …

Jun 1, 2026
CVE-2026-0097
8.0 HIGH

In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead …

Jun 1, 2026
CVE-2026-0096
7.8 HIGH

In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to …

Jun 1, 2026
CVE-2026-0095
8.0 HIGH

In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This …

Jun 1, 2026
CVE-2026-0094
7.8 HIGH

In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This …

Jun 1, 2026
CVE-2026-0093
7.8 HIGH

In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges …

Jun 1, 2026
CVE-2026-0091
7.8 HIGH

In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to …

Jun 1, 2026
CVE-2026-0089
7.8 HIGH

In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local …

Jun 1, 2026
CVE-2026-0088
7.8 HIGH

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to …

Jun 1, 2026
CVE-2026-0087
7.8 HIGH

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could …

Jun 1, 2026
CVE-2026-0086
6.8 MEDIUM

In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation …

Jun 1, 2026
CVE-2026-0085
5.5 MEDIUM

In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local …

Jun 1, 2026
CVE-2026-0080
6.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial …

Jun 1, 2026
CVE-2026-0079
5.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local denial of …

Jun 1, 2026
CVE-2026-0078
7.8 HIGH

In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with …

Jun 1, 2026
CVE-2026-0077
7.8 HIGH

In resumeConfigurationDispatch of ActivityRecord.java, there is a possible background application launch (bal) due to a logic error in the code. This could lead to local …

Jun 1, 2026
CVE-2026-0076
7.8 HIGH

In validateNode of ResourceTypes.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of …

Jun 1, 2026
CVE-2026-0075
5.9 MEDIUM

In multiple functions, there is a possible way to access the contacts database due to a SQL injection. This could lead to local escalation of …

Jun 1, 2026
CVE-2026-0074
5.5 MEDIUM

In getPreferredSize of LauncherProcessImageListener.kt, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no …

Jun 1, 2026
CVE-2026-0070
5.5 MEDIUM

In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to …

Jun 1, 2026
CVE-2026-0069
5.5 MEDIUM

In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service …

Jun 1, 2026
CVE-2026-0067
5.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. …

Jun 1, 2026
CVE-2026-0061
5.9 MEDIUM

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could …

Jun 1, 2026
CVE-2026-0060
5.5 MEDIUM

In updateState of GraphicsDriverEnableAngleAsSystemDriverController.java, there is a possible persistent dos issue due to an unusual root cause. This could lead to local denial of service …

Jun 1, 2026
CVE-2026-0059
8.0 HIGH

In multiple functions of sdp_discovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote …

Jun 1, 2026
CVE-2026-0056
3.3 LOW

In setTo of ResourceTypes.cpp, there is a possible read out of bounds due to an incorrect bounds check. This could lead to local information disclosure …

Jun 1, 2026
CVE-2026-0055
6.2 MEDIUM

In createSessionInternal of PackageInstallerService.java, there is a possible to update a Device Policy Controller (DPC) into an invalid directory due to a path traversal error. …

Jun 1, 2026
CVE-2026-0052
6.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial …

Jun 1, 2026
CVE-2026-0051
6.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a system crash due to improper input validation. This could lead to remote …

Jun 1, 2026
CVE-2026-0050
3.3 LOW

In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no …

Jun 1, 2026
CVE-2026-0048
6.8 MEDIUM

In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to …

Jun 1, 2026
CVE-2026-0046
6.2 MEDIUM

In InputInterceptor of Letterbox.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead …

Jun 1, 2026
CVE-2026-0045
7.8 HIGH

In bta_jv_rfcomm_connect of bta_jv_act.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could …

Jun 1, 2026
CVE-2026-0044
6.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to …

Jun 1, 2026
CVE-2026-0043
5.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of …

Jun 1, 2026
CVE-2026-0042
5.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service …

Jun 1, 2026
CVE-2026-0041
6.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible UBSan failure due to an integer overflow. This could lead to remote denial of service with …

Jun 1, 2026
CVE-2026-0040
6.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial …

Jun 1, 2026
CVE-2026-0039
6.5 MEDIUM

In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to remote denial of …

Jun 1, 2026
CVE-2026-0036
7.8 HIGH

In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no …

Jun 1, 2026
CVE-2026-0018
5.5 MEDIUM

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of …

Jun 1, 2026
CVE-2026-0016
3.3 LOW

In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information …

Jun 1, 2026
CVE-2026-0009
7.8 HIGH

In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with …

Jun 1, 2026
CVE-2025-48652
7.8 HIGH

In performPreInstallChecks of InstallRepository.kt, there is a possible way to bypass MDM policy due to a logic error in the code. This could lead to …

Jun 1, 2026
CVE-2025-48649
7.8 HIGH

In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of …

Jun 1, 2026
CVE-2025-48648
5.5 MEDIUM

In isSameApp of NotificationManagerService.java, there is a possible persistent dos due to resource exhaustion. This could lead to local denial of service with no additional …

Jun 1, 2026
CVE-2025-48616
3.3 LOW

In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the …

Jun 1, 2026
CVE-2025-48595
8.4 HIGH KEV

In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege …

Jun 1, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.