Aggregator

CVE-2026-0029 | Google Android pkvm.c __pkvm_init_vm memory corruption (EUVD-2026-9243)

1 month 2 weeks ago

A vulnerability identified as critical has been detected in Google Android. The affected element is the function __pkvm_init_vm of the file pkvm.c. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2026-0029. Local access is required to approach this attack. No exploit exists.

vuldb.com

CVE-2026-0028 | Google Android kernel mem_protect.c __pkvm_host_share_guest out-of-bounds write (EUVD-2026-9242)

Vuldb Updates

1 month 2 weeks ago

A vulnerability marked as critical has been reported in Google Android kernel. This affects the function __pkvm_host_share_guest of the file mem_protect.c. This manipulation causes out-of-bounds write. The identification of this vulnerability is CVE-2026-0028. The attack can only be executed locally. There is no exploit available.

vuldb.com

CVE-2026-0032 | Google Android kernel mem_protect.c out-of-bounds write (EUVD-2026-9246)

Vuldb Updates

1 month 2 weeks ago

A vulnerability described as critical has been identified in Google Android kernel. This impacts an unknown function of the file mem_protect.c. Such manipulation leads to out-of-bounds write. This vulnerability is referenced as CVE-2026-0032. The attack can only be performed from a local environment. No exploit is available.

vuldb.com

CVE-2026-0031 | Google Android mem_protect.c out-of-bounds write (EUVD-2026-9245)

Vuldb Updates

1 month 2 weeks ago

A vulnerability classified as critical has been found in Google Android. Affected is an unknown function of the file mem_protect.c. Performing a manipulation results in out-of-bounds write. This vulnerability is identified as CVE-2026-0031. The attack is only possible with local access. There is not any exploit available.

vuldb.com

CVE-2026-0030 | Google Android mem_protect.c __host_check_page_state_range out-of-bounds write (EUVD-2026-9244)

Vuldb Updates

1 month 2 weeks ago

A vulnerability classified as critical was found in Google Android. Affected by this vulnerability is the function __host_check_page_state_range of the file mem_protect.c. Executing a manipulation can lead to out-of-bounds write. This vulnerability is tracked as CVE-2026-0030. The attack is restricted to local execution. No exploit exists.

vuldb.com

CVE-2026-0035 | Google Android 14/15/16/16-qpr2 MediaProvider.java createRequest information disclosure (EUVD-2026-9248)

Vuldb Updates

1 month 2 weeks ago

A vulnerability, which was classified as problematic, was found in Google Android 14/15/16/16-qpr2. This affects the function createRequest of the file MediaProvider.java. The manipulation results in information disclosure. This vulnerability is cataloged as CVE-2026-0035. The attack must be initiated from a local position. There is no exploit available. Applying a patch is advised to resolve this issue.

vuldb.com

CVE-2026-0034 | Google Android 14/15/16/16-qpr2 ManagedServices.java setPackageOrComponentEnabled input validation (EUVD-2026-9247)

Vuldb Updates

1 month 2 weeks ago

A vulnerability was found in Google Android 14/15/16/16-qpr2. It has been declared as problematic. The affected element is the function setPackageOrComponentEnabled of the file ManagedServices.java. Executing a manipulation can lead to improper input validation. This vulnerability appears as CVE-2026-0034. The attack requires local access. There is no available exploit. It is advisable to implement a patch to correct this issue.

vuldb.com

CVE-2026-0037 | Google Android ffa.c memory corruption (EUVD-2026-9249)

Vuldb Updates

1 month 2 weeks ago

A vulnerability, which was classified as critical, has been found in Google Android. Affected by this issue is some unknown functionality of the file ffa.c. The manipulation leads to memory corruption. This vulnerability is listed as CVE-2026-0037. The attack must be carried out locally. There is no available exploit.

vuldb.com

CVE-2026-0047 | Google Android 16-qpr2 ActivityManagerService.java dumpBitmapsProto permission (EUVD-2026-9251)

Vuldb Updates

1 month 2 weeks ago

A vulnerability has been found in Google Android 16-qpr2 and classified as critical. This vulnerability affects the function dumpBitmapsProto of the file ActivityManagerService.java. This manipulation causes permission issues. This vulnerability is registered as CVE-2026-0047. The attack needs to be launched locally. No exploit is available. It is suggested to install a patch to address this issue.

vuldb.com

CVE-2026-0038 | Google Android mem_protect.c Local Privilege Escalation (EUVD-2026-9250)

Vuldb Updates

1 month 2 weeks ago

A vulnerability was found in Google Android. It has been rated as problematic. The impacted element is an unknown function of the file mem_protect.c. The manipulation leads to Local Privilege Escalation. This vulnerability is traded as CVE-2026-0038. An attack has to be approached locally. There is no exploit available. Applying a patch is the recommended action to fix this issue.

vuldb.com

The FBI’s cyber chief is using Winter SHIELD to accelerate China prep, threat intelligence sharing

CyberScoop

1 month 2 weeks ago

Brett Leatherman is running the bureau's most public cyber campaign yet, pushing basic security hygiene while quietly preparing industry for stepped-up Chinese threats.

The post The FBI’s cyber chief is using Winter SHIELD to accelerate China prep, threat intelligence sharing appeared first on CyberScoop.

Tim Starks

Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity

Security Affairs

1 month 2 weeks ago

UK’s NCSC warns of potential Iranian cyberattacks as Middle East tensions rise, urging vigilance from exposed organizations. The UK’s National Cyber Security Centre (NCSC) has warned organizations of a potential increase in Iranian cyber threats amid the escalating Middle East conflict. While it sees no immediate shift in the direct threat to Britain, officials stress […]

Pierluigi Paganini

Veeam security advisory (AV26-188)

CCCS - Alerts and advisories

1 month 2 weeks ago

Canadian Centre for Cyber Security

30 Alleged Members of 'The Com' Arrested in Project Compass

darkreading

1 month 2 weeks ago

The global law enforcement crackdown, which began in January 2025, also identified nearly 180 members of the notorious cybercriminal collective.

Rob Wright

Android security advisory – March 2026 monthly rollup (AV26-187)

CCCS - Alerts and advisories

1 month 2 weeks ago

Canadian Centre for Cyber Security

Fake Google Security site uses PWA app to steal credentials, MFA codes

Bleeping Computer.

1 month 2 weeks ago

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker traffic through victims' browsers. [...]

Ionut Ilascu

INC

Dark Feed IO

1 month 2 weeks ago

You must login to view this content

cohenido

SANDWORM_MODE: The Rise of Adaptive Supply Chain Worms

Security Boulevard

1 month 2 weeks ago

Earlier this year, we asked our team where they expect open source cyberattacks to go next. Sonatype Principal Security Researcher Garrett Calpouzos shared his thoughts about how he anticipated attackers won't simply use automation, but also abuse victims' AI tools:

The post SANDWORM_MODE: The Rise of Adaptive Supply Chain Worms appeared first on Security Boulevard.

Sonatype Security Research Team

Popular Iranian App BadeSaba was Hacked to Send “Help Is on the Way” Alerts

Hack Read

1 month 2 weeks ago

Hackers took over Iran’s BadeSaba Calendar prayer app, sending “Help Is on the Way” alerts and messages urging soldiers to lay down weapons.

Deeba Ahmed

Qilin

Dark Feed IO

1 month 2 weeks ago

You must login to view this content

cohenido

Aggregator

Managed ad