Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

CVE-2026-0095

AI Predicted 7.8 Difficulty: Moderate EPSS 0.11% · P1

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application

Affected Version Matrix 4

VendorProductVersion RangeStatus
GoogleAndroid16-qpr2affected
16affected
15affected
14affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-0095

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Google Android 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Google Android是美国谷歌(Google)公司的一套以Linux为基础的开源操作系统。 Google Android存在安全漏洞,该漏洞源于l2c_fcr.cc中的l2c_fcr_clone_buf函数存在整数溢出,可能导致在特权蓝牙进程中触发受控堆损坏。这可能导致本地权限提升,无需额外执行权限,也无需用户交互。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
GoogleAndroid 16-qpr2 -

II. Public POCs for CVE-2026-0095

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-0095

登录查看更多情报信息。

Vendor Advisories for CVE-2026-0095 (1)

Same Patch Batch · Google · 2026-06-01 · 61 CVEs total

CVE-2026-0039Google Android 安全漏洞
CVE-2025-22424Google Android 安全漏洞
CVE-2025-32348Google Android 安全漏洞
CVE-2025-48570Google Android 安全漏洞
CVE-2025-48595Google Android 安全漏洞
CVE-2025-26418Google Android 安全漏洞
CVE-2026-0040Google Android 安全漏洞
CVE-2026-0043Google Android 安全漏洞
CVE-2026-0045Google Android 安全漏洞
CVE-2026-0044Google Android 安全漏洞
CVE-2026-0009Google Android 安全漏洞
CVE-2026-0046Google Android 安全漏洞
CVE-2026-0042Google Android 安全漏洞
CVE-2026-0041Google Android 安全漏洞
CVE-2026-0048Google Android 安全漏洞
CVE-2026-0061Google Android 安全漏洞
CVE-2026-0055Google Android 安全漏洞
CVE-2026-0052Google Android 安全漏洞
CVE-2026-0069Google Android 安全漏洞
CVE-2026-0059Google Android 安全漏洞

Showing top 20 of 61 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Android
Same vendor: Google

V. Comments for CVE-2026-0095

No comments yet

Leave a comment