PT-2026-39905

Name of the Vulnerable Software and Affected Versions TanStack affected versions not specified Description A supply chain attack involving a self-propagating worm known as Mini Shai-Hulud allowed the publication of malicious versions of 42 @tanstack/ packages to the npm registry. The attacker...

PT-2026-36990

Name of the Vulnerable Software and Affected Versions apko affected versions not specified Description apko verifies the signature on 'APKINDEX.tar.gz' but fails to compare individually downloaded '.apk' packages against the checksum recorded in the signed index. Although the checksum is parsed v...

CVE-2025-48584

In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2025-201770

In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48584

In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48584

In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48584

In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48584

CVE-2025-48584 affects the Android Framework via NotificationManagerService.java, where a method can bypass per-package channel limits, enabling local DoS through resource exhaustion without user interaction. The issue is documented across multiple feeds (NVD/Red Hat/ENISA/OSV) and is categorized...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android that stems from a method that may bypass per-package channel restrictions in multiple functions of NotificationManagerService.java, resulting in...

ASB-A-425662627

In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2025-43473

In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...