CVE-2026-0035
CVSS Score
8.4
EPSS Score
0.0%
EPSS Percentile
0th
In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
| Vendor | |
| Product | android |
| Ecosystems | |
| Industries | TechnologyMobile |
| Published | Mar 2, 2026 |
| Last Updated | Mar 6, 2026 |
Stay Ahead of the Next One
Get instant alerts for google android
Be the first to know when new high vulnerabilities affecting google android are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Google / Android
16-qpr2 16 15 14