CVE-2026-45182

GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let systemserver transmit UDP traffic on its behalf. This occurs when the "Block connections without VPN" a...

CVE-2026-45182

GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let systemserver transmit UDP traffic on its behalf. This occurs when the "Block connections without VPN" a...

EUVD-2026-28944

GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let systemserver transmit UDP traffic on its behalf. This occurs when the "Block connections without VPN" a...

CVE-2026-45182

GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let systemserver transmit UDP traffic on its behalf. This occurs when the "Block connections without VPN" a...

CVE-2026-45182

Summary: CVE-2026-45182 affects GrapheneOS prior to 2026050400. A vulnerability arises from a registerQuicConnectionClosePayload optimization that lets a local attacker infer the real IP address of a VPN user when the device has both “Block connections without VPN” and “Always-on VPN” enabled, by...

CVE-2026-45182

GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let systemserver transmit UDP traffic on its behalf. This occurs when the "Block connections without VPN" a...

PT-2026-39421

Name of the Vulnerable Software and Affected Versions GrapheneOS versions prior to 2026050400 Description An optimization in the registerQuicConnectionClosePayload function allows attackers to discover the real IP address of a VPN user. This occurs because an application can cause the system serv...

GrapheneOS 安全漏洞

GrapheneOS is a mobile operating system developed by GrapheneOS Inc. Prior versions of GrapheneOS, including 2026050400, contained security vulnerabilities. These vulnerabilities stemmed from the optimization of the registerQuicConnectionClosePayload function, which could allow attackers to...

They Built a Legendary Privacy Tool. Now They’re Sworn Enemies

There’s a lot of love all over the world for GrapheneOS, the gold standard of mobile security. There’s very little love between the two guys at the center of its history...

PT-2026-4703

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A flaw exists in the PackageInstallerService.java component, specifically within the createSessionInternal function. This issue allows an application to potentially alter its ownership due to...

PT-2026-4711

In multiple functions of ubsan throwing runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4683

In multiple locations, there is a possible way to reveal images across users due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

PT-2026-4686

In jump to payload of payload.rs, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4684

In many functions of ComputerEngine.java, there is a possible way to access URIs across users due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4690

In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4714

In multiple functions of ubsan throwing runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4707

Name of the Vulnerable Software and Affected Versions ManagedServices affected versions not specified Description An issue exists in the setPackageOrComponentEnabled function of ManagedServices.java related to improper input validation. This can result in a notification policy desync, potentially...

PT-2026-4693

In onStart of CompanionDeviceManagerService.java, there is a possible confused deputy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4695

In isPackageNullOrSystem of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4706

Look at the security patch preview section of https://t.co/ySklSke3uy. These are from the upcoming patch levels: Critical: CVE-2026-0039, CVE-2026-0040, CVE-2026-0041, CVE-2026-0042, CVE-2026-0043, CVE-2026-0044 High: CVE-2025-22424, CVE-2025-22426, CVE-2025-32348, CVE-2025-48561, CVE-2025-48615,...