PatchSiren cyber security CVE debrief
CVE-2026-0141 Google CVE debrief
CVE-2026-0141 is a vulnerability in the decodeAppPacket function of RtcpAppPacket.cpp. This issue is due to a missing bounds check, which could lead to an out-of-bounds (OOB) read. The vulnerability can be exploited remotely without requiring additional execution privileges or user interaction. Successful exploitation could result in information disclosure.
- Vendor
- Product
- Android
- CVSS
- MEDIUM 4.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-17
Who should care
This vulnerability may impact users of affected Android devices. However, specific details about affected products and versions are not provided in the available information.
Technical summary
The vulnerability is located in the decodeAppPacket function of RtcpAppPacket.cpp. A missing bounds check allows for an out-of-bounds read, potentially leading to remote information disclosure.
Defensive priority
High
Recommended defensive actions
- Apply patches or updates provided by the vendor once available.
- Review and update configurations to limit exposure.
- Monitor for advisories from the vendor for specific guidance.
Evidence notes
Evidence suggests that this is related to Android, based on the source reference provided.
Official resources
-
CVE-2026-0141 CVE record
CVE.org
-
CVE-2026-0141 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-0141 was published on 2026-06-16T20:16:24.907Z and modified on 2026-06-16T20:42:25.013Z.