Denial of Service Vulnerability in DevicePolicyManagerService for Android Devices
CVE-2026-0070

Currently unrated

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 1 June 2026

What is CVE-2026-0070?

In the DevicePolicyManagerService of Android, a vulnerability exists due to improper input validation across multiple functions. This flaw allows for the potential hiding of a system critical package, which can lead to a local denial of service condition. Notably, the exploitation of this vulnerability does not require additional execution privileges or user interaction, making it a significant risk for affected devices.

Affected Version(s)

Android 16-qpr2

Android 16

Android 15

References

https://source.android.com/docs/security/bulletin/2026/20...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2026
Vulnerability Reserved
Oct 15, 2025

CVE-2026-0070 Data

JSON

Google

What is CVE-2026-0070?

Affected Version(s)

References

Timeline