CVE-2026-0013 in Androidinfo

Zusammenfassung

von MITRE • 02.03.2026

In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Google Android

Reservieren

15.10.2025

Veröffentlichung

02.03.2026

Moderieren

akzeptiert

Eintrag

VDB-348508

CPE

bereit

CWE

CWE-441 (bestätigt)

CVSS

8.4 (CISA-ADP)

EPSS

0.00003

KEV

nein

Aktivitäten

very low

Sektor

Finance, Insurance, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-0013
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-0013
CVE Details	https://www.cvedetails.com/cve/CVE-2026-0013/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!