CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

131 matches found

NVD•added 2026/06/01 10:16 p.m.•6 views

CVE-2026-28577

In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00005EPSS

Exploits0References1

NVD•added 2026/06/01 10:16 p.m.•7 views

CVE-2026-0061

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9CVSS0.00007EPSS

Exploits0References1

CVE•added 2026/06/01 9:14 p.m.•18 views

CVE-2026-0048

Technical details for CVE-2026-0048 are not publicly provided in the supplied documents. The description notes a tapjacking/overlay issue with local privilege escalation, but no concrete affected products, versions, or fixes are disclosed. Monitor for updates.

6.8CVSS5.9AI score0.00007EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/06/01 9:14 p.m.•29 views

CVE-2026-0046

In InputInterceptor of Letterbox.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00007EPSS

Exploits0References1

CVE•added 2026/06/01 9:14 p.m.•10 views

CVE-2026-0046

Technical details are not publicly available in the provided connected documents beyond the general CVE-2026-0046 description (InputInterceptor/Letterbox.java, tapjacking/overlay scenario). Monitor for updates.

6.2CVSS5.9AI score0.00007EPSS

Exploits0References1Affected Software1

CVE•added 2026/06/01 9:14 p.m.•6 views

CVE-2026-0036

CVE-2026-0036 describes a tapjacking vulnerability in StageCoordinator.java that could enable local privilege escalation via a tapjacking/overlay attack without user interaction. The issue allows exploitation with local access and is associated with the Android platform (Android Bulletin context ...

7.8CVSS5.9AI score0.00005EPSS

Exploits0References1Affected Software1

OSV•added 2026/06/01 12:0 a.m.•6 views

ASB-A-463364410

In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.8CVSS5.9AI score0.00007EPSS

Exploits0References2

RedhatCVE•added 2026/03/04 1:57 a.m.•2 views

CVE-2026-0007

In writeToParcel of WindowInfo.cpp, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.6CVSS6.1AI score0.00002EPSS

Exploits0References1

OSV•added 2026/03/02 7:16 p.m.•1 views

CVE-2026-0007

8.6CVSS5.9AI score0.00002EPSS

Exploits0References1

ATTACKERKB•added 2026/03/02 6:42 p.m.•3 views

CVE-2026-0007

8.6CVSS6.1AI score0.00002EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/01/09 11:18 a.m.•4 views

CVE-2021-0446

In ImportVCardActivity, there is a possible way to bypass user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-17225212...

7.3CVSS7.1AI score0.00014EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:18 a.m.•8 views

CVE-2021-0314

In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

7.3CVSS7AI score0.00012EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:17 a.m.•6 views

CVE-2021-0583

In onCreate of BluetoothPairingDialog, there is a possible way to enable Bluetooth without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

7.3CVSS7AI score0.00014EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:17 a.m.•5 views

CVE-2021-0538

In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions...

7.3CVSS7AI score0.00014EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:16 a.m.•3 views

CVE-2021-0603

In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

7.8CVSS7AI score0.00015EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:16 a.m.•9 views

CVE-2021-0315

In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the user to grant an app access to an account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...

7.3CVSS7.1AI score0.00026EPSS

Exploits0References1