EUVD-2026-37554

In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2025-210213

In multiple functions of btmsec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2026-0063

In setAllowedCarriers of PhoneInterfaceManager.java, there is a possible way to disable carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0063

CVE-2026-0063 affects the Android framework component PhoneInterfaceManager.java, where a logic error in setAllowedCarriers could disable carrier restrictions, enabling local privilege escalation with no additional privileges and no user interaction required. The issue is cataloged as an Elevatio...

CVE-2026-0071

Summary: CVE-2026-0071 affects SettingsLib where a logic error may skip a permission check, enabling local escalation of privilege with no additional privileges or user interaction required. The vulnerability is described across NVD, ENISA EUVD, CVE records, and PT/security bulletins, all citing ...

CVE-2026-0019

CVE-2026-0019 affects SettingsLib and enables a logic-error path that could disable system components, enabling local privilege escalation without extra privileges or user interaction. The issue is classified as Elevation of Privilege (High) in Android 17 release notes; patches are included in An...

CVE-2026-0019

In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48571

CVE-2025-48571 affects the btm_sec.cc code path and enables possible interception of SMS messages due to a logic error, leading to remote information disclosure with no extra privileges, requiring user interaction. The connected ENISA and NVD/NVD-derived entries corroborate this CVE as of Android...

EUVD-2026-37179

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0145

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0134

In PostWipeData of recoveryui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0145

CVE-2026-0145 affects Keymint; a logic error allows a permission bypass leading to local information disclosure without extra privileges or user interaction. Exploitation status and fix details are not provided in the supplied documents; several sources list the issue but no patch information is ...

CVE-2026-0145

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-50628

A logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP address, while blindly allowing requests from any other IP address. Enabling this security feature inadvertently creates an inverse security check. Users are recommended to upgrade to versions 4.2.2 or...

CVE-2026-11465 songquanpeng one-api Redemption Code Top-Up Endpoint redemption.go Redeem logic error

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

CVE-2026-11465 songquanpeng one-api Redemption Code Top-Up Endpoint redemption.go Redeem logic error

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

PT-2026-47196

Name of the Vulnerable Software and Affected Versions songquanpeng one-api versions prior to 0.6.11-preview.7 Description A business logic error exists in the Redemption Code Top-Up Endpoint. The issue is located within the Redeem function of the model/redemption.go file. This flaw allows for...

CVE-2026-28581

In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an emergency call due to a logic error in the code. This could lead to local with null execution privileges needed. User interaction is null for exploitation...

CVE-2026-0067

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-10860

A logic error in the MISP CRUD component delete handler allowed validation failures to be bypassed when requests used the HTTP DELETE method. Due to missing parentheses in the delete condition, the expression was evaluated as $validationError === null && POST || DELETE, meaning a DELETE request...