Local Denial of Service Vulnerability in Android APK Verification
CVE-2026-0069

Currently unrated

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 1 June 2026

What is CVE-2026-0069?

A local denial of service vulnerability exists in the APK verification process, specifically within the verifySignature method of ApkChecksums.java. This flaw may allow an attacker to cause a crash due to resource exhaustion, which could disrupt the verification of APK files without requiring any user interaction or elevated privileges for exploitation. It highlights the importance of robust resource management to prevent service disruptions in the Android ecosystem.

Affected Version(s)

Android 14

References

https://source.android.com/docs/security/bulletin/2026/20...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2026
Vulnerability Reserved
Oct 15, 2025

CVE-2026-0069 Data

JSON

Google

What is CVE-2026-0069?

Affected Version(s)

References

Timeline