Key Leak Vulnerability in Trusted Execution Environment by Google
CVE-2026-0115

2.1LOW

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 10 March 2026

What is CVE-2026-0115?

A vulnerability has been identified within the Trusted Execution Environment (TEE) that may allow key information to be leaked through side channel attacks. This information disclosure could occur without requiring enhanced execution privileges, making it accessible under certain conditions. Notably, exploitation of this vulnerability necessitates user interaction, which emphasizes the critical importance of user vigilance in mitigating potential risks.

Affected Version(s)

Android Android kernel

References

https://source.android.com/docs/security/bulletin/2026/20...

vendor-advisory

CVSS V3.1

Score:

2.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Oct 23, 2025

CVE-2026-0115 Data

JSON