VDB

CESS-2026-0070

CESS-2026-0070 PUBLISHED CVSS 5.5 MEDIUM

In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Timeline

  • Jun 1, 2026 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›