What is CVE-2026-0142?

CVE-2026-0142 is a low-severity vulnerability in Google Android, classified under Improper Input Validation. CVSS score: 3.3/10. Published 2026-06-16.

How severe is CVE-2026-0142?

Low severity. CVSS v3 base score is 3.3 out of 10.

Out-of-bounds Read in Google Android

CVE-2026-0142

In iavb_parse_key_data of avb_rsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed fo…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

CVSS v3 metric

CVSS v3 base score 3.3 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Google Android — versions Android kernel

Weakness classification (CWE)

CWE-20 — Improper Input Validation
CWE-125 — Out-of-bounds Read

References

dsap-vuln-management@google.com (Vendor Advisory)

Frequently asked questions

What is CVE-2026-0142?: CVE-2026-0142 is a low-severity vulnerability in Google Android, classified under Improper Input Validation. CVSS score: 3.3/10. Published 2026-06-16.
How severe is CVE-2026-0142?: Low severity. CVSS v3 base score is 3.3 out of 10.