PatchSiren cyber security CVE debrief
CVE-2026-0145 Google CVE debrief
A vulnerability was discovered in keymint, which could lead to a Permission Bypass. This issue is due to a logic error in the code. An attacker could exploit this vulnerability to disclose local information without needing additional execution privileges. User interaction is not required for exploitation.
- Vendor
- Product
- Android
- CVSS
- LOW 3.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-17
Who should care
Users of affected Android devices should apply patches as soon as available to prevent potential local information disclosure.
Technical summary
The vulnerability exists in the keymint component, where a logic error could allow for a Permission Bypass. This could result in local information disclosure without requiring additional execution privileges.
Defensive priority
High
Recommended defensive actions
- Apply patches as soon as available.
- Use secure practices when handling sensitive information.
Evidence notes
Evidence suggests that this vulnerability affects Android devices. Reference: [ref-4](https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01).
Official resources
-
CVE-2026-0145 CVE record
CVE.org
-
CVE-2026-0145 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-0145 was published on [cvePublishedAt] and modified on [cveModifiedAt].