CVE-2026-20426 — Vulnetix

CVE-2026-20426 PUBLISHED CVSS 7.5 HIGH

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

EPSS 0.01% · 0.4th percentile

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.01%

0.4th percentile

Affected Products

Vendor	Product	Versions
Unisoc (Shanghai) Technologies Co., Ltd.	T7300/T8100/T9100/T8200/T8300	Android13/Android14/Android15/Android16

Timeline

Nov 3, 2025 CVE ID Reserved
Mar 2, 2026 EPSS Score
Mar 2, 2026 CVE Published
Mar 3, 2026 EPSS Score
Mar 5, 2026 EPSS Score
Mar 6, 2026 EPSS Score
Mar 7, 2026 EPSS Score
Mar 9, 2026 EPSS Score
Mar 10, 2026 EPSS Score
Mar 11, 2026 EPSS Score
Mar 12, 2026 EPSS Score
Mar 14, 2026 EPSS Score

References

https://source.android.com/docs/security/bulletin/2026/2026-03-01?hl=fr advisory
https://www.unisoc.com/en/support/announcement/2030931350138310657 url

Open in Interactive Console →