PT-2026-45569 · Google · Android

CVE-2026-0009

·

Published

2026-06-01

·

Updated

2026-06-01

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)
Description A logic error in the Framework component of the Android operating system leads to incorrect code generation and potential tapjacking. Tapjacking is a technique where an attacker overlays a transparent or misleading window over a legitimate application to trick the user or system into performing unintended actions. This issue allows a local attacker to achieve escalation of privilege without requiring additional execution privileges or user interaction.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07653
CVE-2026-0009

Affected Products

Android