PT-2026-35867 · Unknown · Package Manager Service

Vignesh.K.G

Published

2026-04-29

Updated

2026-05-01

CVE-2026-21023

CVSS v4.0

6.9

Medium

Vector

AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions PackageManagerService versions prior to SMR Mar-2026 Release 1

Description Insufficient verification of data authenticity in the PackageManagerService allows local attackers to modify the installation restriction of specific applications.

Recommendations Update to SMR Mar-2026 Release 1.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-21023

Affected Products

Package Manager Service

PT-2026-35867 · Unknown · Package Manager Service

CVE-2026-21023

Related Identifiers

Affected Products

References · 6