PatchSiren cyber security CVE debrief
CVE-2026-28576 Android CVE debrief
A critical SQL injection vulnerability exists in Android's Contacts Provider, potentially allowing local information disclosure. The CVE record was published on 2026-06-17T13:20:15.357Z and has not been modified since then. This vulnerability is highly severe with a CVSS score of 10, indicating that it could have a significant impact on affected systems. Android users and administrators should be aware of this vulnerability and take necessary precautions. The vulnerability is caused by a SQL injection issue in the Contacts Provider, which could allow an attacker to access the contacts database without needing additional execution privileges. User interaction is not required for exploitation.
- Vendor
- Android
- Product
- Unknown
- CVSS
- CRITICAL 10
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-17
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-17
- Advisory updated
- 2026-06-17
Who should care
Android users and administrators should be aware of this vulnerability, as it could lead to local information disclosure. This vulnerability is highly severe with a CVSS score of 10, indicating that it could have a significant impact on affected systems. Affected product deployments should be reviewed to ensure that they are not exposed to this vulnerability. Security teams and vulnerability management teams should prioritize patching this vulnerability.
Technical summary
The vulnerability is caused by a SQL injection issue in the Contacts Provider. This could allow an attacker to access the contacts database without needing additional execution privileges. User interaction is not required for exploitation. The vulnerability has a CVSS score of 10, indicating that it is highly severe. The CVE record and NVD detail provide information on the vulnerability, but further investigation is needed to fully understand the impact and potential mitigations.
Defensive priority
High priority should be given to patching this vulnerability, as it is rated as Critical with a CVSS score of 10.
Recommended defensive actions
- Apply the patch provided by the vendor
- Review and update access controls for the Contacts Provider
- Monitor for suspicious activity related to contact data access
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
Evidence notes
The CVE record and NVD detail provide information on the vulnerability. However, further investigation is needed to fully understand the impact and potential mitigations. The vulnerability has a CVSS score of 10, indicating that it is highly severe. The source item URL and vendor advisory also provide relevant information. Defenders should verify that affected product deployments exist in managed environments and assign an owner for follow-up.
Official resources
-
CVE-2026-28576 CVE record
CVE.org
-
CVE-2026-28576 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T13:20:15.357Z and has not been modified since then.