PT-2026-46575

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has compromised the renderer process to execute arbitrary code inside a sandbox by using a...

PT-2026-46733

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Autofill component allows a remote attacker to potentially perform a sandbox escape via malicious network traffic. A sandbox escape is ...

PT-2026-46440

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted...

PT-2026-46584

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in SiteIsolation allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML...

CVE-2025-59611

Memory corruption in diagnostic services due to absence of input validation...

CVE-2026-28578

In multiple functions of DevicePolicyManagerService.java, there is a possible desync from persistence due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0085

In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0070

In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0078

In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0051

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0018

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22424

In multiple locations, there is a possible way to reveal images across users due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2026-25260 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service

Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications...

CVE-2026-24092 Improper Validation of Syntactic Correctness of Input in Display

Memory Corruption when processing fastboot commands to set display mode...

CVE-2026-24092 Improper Validation of Syntactic Correctness of Input in Display

Memory Corruption when processing fastboot commands to set display mode...

CVE-2026-24089 Improper Validation of Syntactic Correctness of Input in Kernel

Memory corruption while processing fastboot commands with invalid input...

CVE-2026-24087 Improper Validation of Syntactic Correctness of Input in Kernel

Memory corruption while processing fastboot OEM commands...

CVE-2025-59611

Technical details about CVE-2025-59611 are not publicly available in the provided documents. Monitor for updates on affected products, versions, impact, and remediation.

CVE-2025-59611 Out-of-bounds Write in Core Services

Memory corruption in diagnostic services due to absence of input validation...

CVE-2025-59611 Out-of-bounds Write in Core Services

Memory corruption in diagnostic services due to absence of input validation...