CVE-2026-28577 in AndroidИнформация

Сводка

по MITRE • 02.06.2026

In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

Google Android

Резервировать

02.03.2026

Раскрытие

02.06.2026

Модерация

принято

Вход

VDB-367880

CPE

готов

CWE

CWE-1021 (Подтверждённый)

CVSS

7.8 (CISA-ADP)

EPSS

0.00005

KEV

Нет

Деятельности

Очень низкий

Сектор

Lawfirm, Finance, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-28577
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-28577
CVE Details	https://www.cvedetails.com/cve/CVE-2026-28577/

◂ Предыдущий Обзор Далее ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!