Out-of-Bounds Read Vulnerability in RTCP Packet Decoder from Android
CVE-2026-0165

5.7MEDIUM

Key Information:

Vendor

Google

Status
Vendor
CVE Published:
16 June 2026

What is CVE-2026-0165?

The vulnerability in the RTCP packet decoder can potentially allow an attacker to exploit out-of-bounds reads due to an absence of proper bounds checks. This security flaw may lead to remote information disclosure, requiring user interaction for successful exploitation. Updating to the latest Android security patch is critical to mitigate the risks associated with this vulnerability.

Affected Version(s)

Android Android kernel

References

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.