VDB
CVE-2026-0108
CVE-2026-0108
PUBLISHED
CVSS 4 MEDIUM
The register protection of the PowerVR GPU is incorrectly configured. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS 0.01% · 0.6th percentile
Risk Scores
CVSS 3.1
4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.01%
0.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | * | |
| android |
Exploit Intelligence
- https://source.android.com/docs/security/bulletin/pixel/2026/2026-03-01 (circl)
- https://source.android.com/docs/security/bulletin/2026/2026-03-01 (circl)
- Run-SharedHelperRegression.ps1 (github-poc)
- Run-SharedHelperRegression.ps1 (github-poc)
- Run-SharedHelperRegression.ps1 (github-poc)
- Run-SharedHelperRegression.ps1 (github-poc)
- ghost_report_20260113_010235.json (github-poc)
- ghost_report_20260113_010235.json (github-poc)
- ghost_report_20260113_010235.json (github-poc)
- ghost_report_20260113_010235.json (github-poc)
Timeline
- Mar 4, 2026 CVE Published
- Mar 11, 2026 EPSS Score
- Mar 12, 2026 EPSS Score
- Mar 13, 2026 EPSS Score
- Mar 14, 2026 EPSS Score
- Mar 15, 2026 EPSS Score
- Mar 16, 2026 EPSS Score
- Mar 17, 2026 EPSS Score
- Mar 18, 2026 EPSS Score
- Mar 19, 2026 EPSS Score
- Mar 20, 2026 EPSS Score
- Mar 21, 2026 EPSS Score
References
- https://source.android.com/docs/security/bulletin/pixel/2026/2026-03-01?hl=fr advisory
- https://source.android.com/docs/security/bulletin/2026/2026-03-01 vendor-advisory
- https://source.android.com/docs/security/bulletin/pixel/2026/2026-03-01 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-0108 advisory
- https://source.android.com/security/bulletin/pixel/2026-03-01 url