CVE-2026-0126

In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Configurations

Configuration 1 (hide)

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

History

24 Jun 2026, 17:16

Type Values Removed Values Added
CWE CWE-120

22 Jun 2026, 16:10

Type Values Removed Values Added
First Time Google
Google android
CWE CWE-787
CPE cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
References () https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01 - () https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01 - Vendor Advisory

16 Jun 2026, 20:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-16 20:16

Updated : 2026-06-24 17:16


NVD link : CVE-2026-0126

Mitre link : CVE-2026-0126

CVE.ORG link : CVE-2026-0126


JSON object : View

Products Affected

google

  • android
CWE
CWE-787

Out-of-bounds Write

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')