CVE-2026-0046 in Androidinfo

Zusammenfassung

von MITRE • 02.06.2026

In InputInterceptor of Letterbox.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Google Android

Reservieren

15.10.2025

Veröffentlichung

02.06.2026

Moderieren

akzeptiert

Eintrag

VDB-367835

CPE

bereit

CWE

CWE-275 (bestätigt)

CVSS

7.8 (VulDB)

EPSS

0.00005

KEV

nein

Aktivitäten

very low

Sektor

Finance, Insurance, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-0046
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-0046
CVE Details	https://www.cvedetails.com/cve/CVE-2026-0046/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!