A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HGoogle Android
OSGoogle6.06.0.17.07.1.17.1.28.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
Related vulnerabilities
CVE-2020-16010CRITICAL9.6⚠ KEVten sam produkt
Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who ha...
CVE-2016-1019CRITICAL9.8⚠ KEVten sam produkt
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application cr...
CVE-2026-13851CRITICAL9.1ten sam produkt
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4...
CVE-2026-13852CRITICAL9.1ten sam produkt
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4...
CVE-2026-14106CRITICAL9.6ten sam produkt
Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed ...