Out of Bounds Write Vulnerability in Android Product by Google
CVE-2026-0124

10CRITICAL

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 10 March 2026

What is CVE-2026-0124?

A vulnerability exists in Google's Android OS that allows for an out of bounds write due to a missing bounds check. This flaw could potentially enable a local attacker to escalate privileges without requiring any additional execution permissions or user interaction. It underscores the importance of implementing robust security measures to mitigate risks associated with unverified memory access. Users of affected Android versions should apply recommended security patches to safeguard their devices.

Affected Version(s)

Android Android Kernel

References

https://source.android.com/docs/security/bulletin/pixel/2...

vendor-advisory

CVSS V4

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Oct 23, 2025

Credit

Christopher Wade

CVE-2026-0124 Data

JSON