PatchSiren cyber security CVE debrief
CVE-2026-0158 Google CVE debrief
CVE-2026-0158 is a vulnerability in the Camera component that allows for unauthorized access to photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not required for exploitation.
- Vendor
- Product
- Android
- CVSS
- LOW 3.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-17
Who should care
Android users and administrators should be aware of this vulnerability and take steps to ensure their devices are updated with the necessary patches.
Technical summary
The vulnerability is located in the Camera component and is caused by a missing permission check. This allows for unauthorized access to photos, potentially leading to local information disclosure.
Defensive priority
high
Recommended defensive actions
- Apply the necessary patches from the vendor as soon as possible.
- Ensure that devices are updated with the latest security patches.
- Review and update access controls and permissions for the Camera component.
Evidence notes
The CVE record and NVD detail pages provide information on the vulnerability, including its description, CVSS score, and affected products.
Official resources
-
CVE-2026-0158 CVE record
CVE.org
-
CVE-2026-0158 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-0158 was published on 2026-06-16T20:16:26.420Z and modified on 2026-06-16T20:42:25.013Z.