PatchSiren cyber security CVE debrief
CVE-2026-0150 Google CVE debrief
CVE-2026-0150 is a vulnerability in the ExecuteGraph command handler of EdgeTPU firmware, which could lead to local escalation of privilege with root privileges needed. An integer overflow can cause an out of bounds write. User interaction is not needed for exploitation. The CVE was published on {cvePublishedAt} and last modified on {cveModifiedAt}.
- Vendor
- Product
- Android
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-17
Who should care
This vulnerability affects users of EdgeTPU firmware. Successful exploitation could lead to local escalation of privilege with root privileges.
Technical summary
The vulnerability is caused by an integer overflow in the ExecuteGraph command handler of EdgeTPU firmware, which can result in an out of bounds write.
Defensive priority
high
Recommended defensive actions
- Apply patches or updates provided by the vendor as soon as they become available.
- Monitor system logs for suspicious activity.
- Restrict access to sensitive areas of the system.
Evidence notes
Vendor: {vendorName}. Product: {productName}.
Official resources
-
CVE-2026-0150 CVE record
CVE.org
-
CVE-2026-0150 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-0150 was published on {cvePublishedAt} and last modified on {cveModifiedAt}.