CVE-2026-0049

MEDIUM CVSS 6.2 View on NVD ↗

Description

In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

https://source.android.com/docs/security/bulletin/2026/2026-04-01

Published: Apr 06, 2026 19:16 UTC Modified: Apr 07, 2026 13:20 UTC