32575 matches found
CVE-2026-30792
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Strategy sync, HTTP API client, config options engine modules allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files...
NewStart CGSL MAIN 6.06 (SP) : libnl3 Vulnerability (NS-SA-2026-0018)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has libnl3 packages installed that are affected by a vulnerability: - An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged...
CVE-2026-30798
Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop, strategy processing modules allows Protocol Manipulation. This vulnerability is...
CVE-2026-30794
Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android HTTP API client, TLS transport modules allows Adversary in the Middle AiTM. This vulnerability is associated with program files src/hbbshttp/httpclient.Rs and...
CVE-2026-30783
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Client signaling, API sync loop, config management modules allows Privilege Abuse. This vulnerability is associated with program files src/rendezvousmediator.Rs, src/hbbshttp/sync....
CVE-2026-30793
Cross-Site Request Forgery CSRF vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Flutter URI scheme handler, FFI bridge modules allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.Dart,...
zeptoclaw has Android device shell blocklist bypass via argument permutation
Summary zeptoclaw implements a blocklist to prevent dangerous commands running in android device shell, but this blocklist has several blocked commands with argements in the pattern literal, such as rm -f and rm -rf, this can be simply bypassed by using different orders for these arguments, such ...
A flawed TLS handshake implementation affects Viber Proxy in multiple platforms
Overview The Rakuten Viber messaging app for Android V25.7.2.0g and Windows V25.6.0.0-V25.8.1.0, has a flaw in its TLS handshake implementation when using the Cloak proxy configuration. This flaw allows for easy identification of proxy usage, potentially compromising user anonymity. Description...
PT-2026-23458
Cross-Site Request Forgery CSRF vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Flutter URI scheme handler, FFI bridge modules allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.Dart,...
CVE-2025-47147
Cleartext Storage of Sensitive Information CWE-312 in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration. This issue affects Command Centre Mobile...
CVE-2025-47147
Cleartext Storage of Sensitive Information CWE-312 in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration. This issue affects Command Centre Mobile...
CVE-2025-47147
CVE-2025-47147 describes Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client for Android and iOS. The issue could allow an attacker with access to a logged-in operator’s mobile device to extract the session token and gain access for a limited duration. Affecte...
PT-2026-22715
Cleartext Storage of Sensitive Information CWE-312 in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration. This issue affects Command Centre Mobile...
CVE-2026-0024
In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in multiple functions of TaskFragmentOrganizerController.java, which can be exploited by an attacker to elevate privileg...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an Access Control Error vulnerability that originates from a logic error in multiple functions of ContentProvider.java, which can be exploited by an attacker to cause an application with read-onl...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from a lack of permission checking in validateAddingWindowLw of DisplayPolicy.java, and can be exploited by an attacker to cause an application to intercept...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.java, which can be exploited by an attacker...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in multiple functions of KeyguardViewMediator.java, which can be exploited by an attacker to gain elevated privileges on...
Android Security Bulletin—March 2026Stay organized with collectionsSave and categorize content based on your preferences.
This Android Security Bulletin contains details of security vulnerabilities that affect Android devices. Security patch levels of 2026-03-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Source code patches...