CVE-2026-0013 in Androidinformação

Sumário

de MITRE • 02/03/2026

In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

Google Android

Reservar

15/10/2025

Divulgação

02/03/2026

Moderação

aceite

Entrada

VDB-348508

CPE

pronto

CWE

CWE-441 (confirmado)

CVSS

8.4 (CISA-ADP)

EPSS

0.00003

KEV

não

Atividades

muito baixo

Sector

Homeoffice, Lawfirm, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-0013
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-0013
CVE Details	https://www.cvedetails.com/cve/CVE-2026-0013/

◂ Voltar Visão Geral Próximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!