|
651
|
9.1 |
CRITICAL
Network
|
apache
|
airflow
|
Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] …
New
|
CWE-1336
Improper Neutralization of Special Elements Used in a Template Engine
|
CVE-2026-42252
|
2026-06-3 03:48 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
652
|
6.2 |
MEDIUM
Local
|
google
|
android
|
In createSessionInternal of PackageInstallerService.java, there is a possible to update a Device Policy Controller (DPC) into an invalid directory due to a path traversal error. This could lead to lo…
New
|
CWE-22
CWE-269
Path Traversal
Improper Privilege Management
|
CVE-2026-0055
|
2026-06-3 03:47 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
653
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution priv…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0052
|
2026-06-3 03:47 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
654
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a system crash due to improper input validation. This could lead to remote denial of service with no additional e…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-0051
|
2026-06-3 03:47 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
655
|
3.3 |
LOW
Local
|
google
|
android
|
In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional …
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-0050
|
2026-06-3 03:47 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
656
|
6.8 |
MEDIUM
Local
|
google
|
android
|
In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no addition…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-0048
|
2026-06-3 03:46 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
657
|
6.2 |
MEDIUM
Local
|
google
|
android
|
In InputInterceptor of Letterbox.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-0046
|
2026-06-3 03:46 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
658
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional ex…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0044
|
2026-06-3 03:46 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
659
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional e…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0043
|
2026-06-3 03:45 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
660
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional executi…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-0042
|
2026-06-3 03:45 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
