VDB

TNCVE-2026-0016

TNCVE-2026-0016 PUBLISHED

In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Timeline

  • Jun 1, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›