CVE-2025-26426

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the Framework component of the Android operating system related to a buffer copy without proper input validation. This issue may allow an attacker to escalate privileges locally without requiring additional execution privileges or user interaction. The vulnerability resides within the registerReceiverWithFeatureTraced function in BroadcastController.java and involves receiving broadcasts intended for the “android” package.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.