Sensitive Information Disclosure Vulnerability in Android's AdapterService
CVE-2026-0050

Currently unrated

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 1 June 2026

What is CVE-2026-0050?

A vulnerability in the handleBondStateChanged method of the AdapterService class permits sensitive information disclosure due to a permissions bypass. Exploitation of this flaw allows local information exposure without requiring additional execution privileges or user interaction, potentially compromising user data.

Affected Version(s)

Android 16-qpr2

Android 16

Android 15

References

https://source.android.com/docs/security/bulletin/2026/20...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2026
Vulnerability Reserved
Oct 15, 2025

CVE-2026-0050 Data

JSON

Google

What is CVE-2026-0050?

Affected Version(s)

References

Timeline