Loading market data...
← Back to CVE feed

CVE-2026-0094

HIGH CVSS 7.8 View on NVD ↗

Description

In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Published: Jun 01, 2026 22:16 UTC Modified: Jun 02, 2026 13:04 UTC