CVE-2025-26418
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
In setUserDisclaimerAcknowledged of CarDevicePolicyService.java, there is a possible way to bypass the user dialog when adding an account to a managed device due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
| Vendor | |
| Product | android |
| Ecosystems | |
| Industries | TechnologyMobile |
| Published | Jun 1, 2026 |
| Last Updated | Jun 3, 2026 |
Stay Ahead of the Next One
Get instant alerts for google android
Be the first to know when new high vulnerabilities affecting google android are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Google / Android
15 14