Vulnerability-Lookup

CVE-2025-47378 (GCVE-0-2025-47378)

Vulnerability from cvelistv5 – Published: 2026-03-02 16:53 – Updated: 2026-03-03 04:56

Title

Exposure of Sensitive System Information to an Unauthorized Control Sphere in HLOS

Summary

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere

Assigner

qualcomm

References

URL

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: Cologne Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: LeMans_AU_LGIT Affected: LeMansAU Affected: Pandeiro Affected: QAM8255P Affected: QAMSRV1H Affected: QAMSRV1M Affected: QCA6391 Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCA6698AQ Affected: QCA6797AQ Affected: QLN1083BD Affected: QLN1086BD Affected: QPA1083BD Affected: QPA1086BD Affected: QXM1083 Affected: QXM1086 Affected: QXM1093 Affected: QXM1094 Affected: QXM1095 Affected: QXM1096 Affected: SA7255P Affected: SA7775P Affected: SA8255P Affected: SA8620P Affected: SA8770P Affected: SA9000P Affected: SAR1165P Affected: SAR1250P Affected: SAR2130P Affected: SAR2230P Affected: SD865 5G Affected: Snapdragon 8 Elite Gen 5 Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform Affected: Snapdragon 870 5G Mobile Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: Snapdragon AR1+ Gen 1 Platform Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: Snapdragon XR2+ Gen 1 Platform Affected: SRV1H Affected: SRV1M Affected: SXR2230P Affected: SXR2250P Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCD9395 Affected: WCN3950 Affected: WCN7860 Affected: WCN7861 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039

GHSA-HPQ4-RXRF-Q4QG

Vulnerability from github – Published: 2026-03-02 18:31 – Updated: 2026-03-02 18:31

Details

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.

Severity ?

7.1 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-47378"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-02T17:16:25Z",
    "severity": "HIGH"
  },
  "details": "Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.",
  "id": "GHSA-hpq4-rxrf-q4qg",
  "modified": "2026-03-02T18:31:45Z",
  "published": "2026-03-02T18:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47378"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

NCSC-2026-0074

Vulnerability from csaf_ncscnl - Published: 2026-03-03 09:07 - Updated: 2026-03-03 09:07

Summary

Kwetsbaarheden verholpen in Google Android en Samsung Mobile

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Google heeft kwetsbaarheden verholpen in Android. In deze update zijn ook updates meegenomen voor closed-source componenten van Qualcomm, Imagination Technologies, Unisoc en MediaTek. Samsung heeft kwetsbaarheden in Samsung Mobile verholpen die relevant zijn voor Samsung mobile devices.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, zichzelf verhoogde rechten toe te kennen, toegang te krijgen tot gevoelige gegevens of willekeurige code uit te voeren. Voor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden om een malafide app te installeren en uit te voeren, of een malafide link te volgen. Google heeft verder, zoals gebruikelijk, weinig inhoudelijke informatie beschikbaar gesteld.

Oplossingen

Google heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Android 14, 15 en 16. Samsung heeft updates uitgebracht om kwetsbaarheden die relevant zijn voor Samsung Mobile devices te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-20

Improper Input Validation

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-59

Improper Link Resolution Before File Access ('Link Following')

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-121

Stack-based Buffer Overflow

CWE-122

Heap-based Buffer Overflow

CWE-125

Out-of-bounds Read

CWE-126

Buffer Over-read

CWE-190

Integer Overflow or Wraparound

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-275

CWE-280

Improper Handling of Insufficient Permissions or Privileges

CWE-319

Cleartext Transmission of Sensitive Information

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-366

Race Condition within a Thread

CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CWE-400

Uncontrolled Resource Consumption

CWE-401

Missing Release of Memory after Effective Lifetime

CWE-404

Improper Resource Shutdown or Release

CWE-415

Double Free

CWE-416

Use After Free

CWE-441

Unintended Proxy or Intermediary ('Confused Deputy')

CWE-457

Use of Uninitialized Variable

CWE-476

NULL Pointer Dereference

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

CWE-617

Reachable Assertion

CWE-639

Authorization Bypass Through User-Controlled Key

CWE-749

Exposed Dangerous Method or Function

CWE-754

Improper Check for Unusual or Exceptional Conditions

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-787

Out-of-bounds Write

CWE-862

Missing Authorization

CWE-1262

Improper Access Control for Register Interface

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Google heeft kwetsbaarheden verholpen in Android. In deze update zijn ook updates meegenomen voor closed-source componenten van Qualcomm, Imagination Technologies, Unisoc en MediaTek.\n\nSamsung heeft kwetsbaarheden in Samsung Mobile verholpen die relevant zijn voor Samsung mobile devices.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, zichzelf verhoogde rechten toe te kennen, toegang te krijgen tot gevoelige gegevens of willekeurige code uit te voeren.\n\nVoor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden om een malafide app te installeren en uit te voeren, of een malafide link te volgen.\n\nGoogle heeft verder, zoals gebruikelijk, weinig inhoudelijke informatie beschikbaar gesteld.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Google heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Android 14, 15 en 16.\n\nSamsung heeft updates uitgebracht om kwetsbaarheden die relevant zijn voor Samsung Mobile devices te verhelpen.\n\nZie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
        "title": "CWE-59"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
        "title": "CWE-89"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Buffer Over-read",
        "title": "CWE-126"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "CWE-275",
        "title": "CWE-275"
      },
      {
        "category": "general",
        "text": "Improper Handling of Insufficient Permissions or Privileges ",
        "title": "CWE-280"
      },
      {
        "category": "general",
        "text": "Cleartext Transmission of Sensitive Information",
        "title": "CWE-319"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Race Condition within a Thread",
        "title": "CWE-366"
      },
      {
        "category": "general",
        "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
        "title": "CWE-367"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Missing Release of Memory after Effective Lifetime",
        "title": "CWE-401"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Double Free",
        "title": "CWE-415"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
        "title": "CWE-441"
      },
      {
        "category": "general",
        "text": "Use of Uninitialized Variable",
        "title": "CWE-457"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive System Information to an Unauthorized Control Sphere",
        "title": "CWE-497"
      },
      {
        "category": "general",
        "text": "Reachable Assertion",
        "title": "CWE-617"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Exposed Dangerous Method or Function",
        "title": "CWE-749"
      },
      {
        "category": "general",
        "text": "Improper Check for Unusual or Exceptional Conditions",
        "title": "CWE-754"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Missing Authorization",
        "title": "CWE-862"
      },
      {
        "category": "general",
        "text": "Improper Access Control for Register Interface",
        "title": "CWE-1262"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://security.samsungmobile.com//securityUpdate.smsb"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Google Android en Samsung Mobile",
    "tracking": {
      "current_release_date": "2026-03-03T09:07:09.279353Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0074",
      "initial_release_date": "2026-03-03T09:07:09.279353Z",
      "revision_history": [
        {
          "date": "2026-03-03T09:07:09.279353Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Android"
          }
        ],
        "category": "vendor",
        "name": "Google"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Mobile Devices"
          }
        ],
        "category": "vendor",
        "name": "Samsung"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-43766",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Cleartext Transmission of Sensitive Information",
          "title": "CWE-319"
        },
        {
          "category": "description",
          "text": "The btm_ble_sec.cc file contains functions with improper error handling that may lead to unencrypted communication, potentially exposing sensitive information to nearby attackers without requiring additional privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43766 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-43766.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2024-43766"
    },
    {
      "cve": "CVE-2024-43859",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "description",
          "text": "Recent updates have addressed vulnerabilities in the Linux kernel, specifically related to f2fs, preventing NULL pointer dereference issues and mitigating multiple security risks in the Debian Linux Kernel.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43859 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-43859.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2024-43859"
    },
    {
      "cve": "CVE-2025-2879",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "description",
          "text": "A vulnerability in Arm Ltd\u0027s Valhall and 5th Gen GPU Kernel Drivers allows local non-privileged users to improperly perform GPU operations, potentially exposing sensitive information across multiple driver versions from r29p0 to r54p0.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-2879 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-2879.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-2879"
    },
    {
      "cve": "CVE-2025-10865",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "Non-privileged software can invoke improper GPU system calls, causing incorrect reference counting and leading to a potential use-after-free vulnerability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-10865 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-10865.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-10865"
    },
    {
      "cve": "CVE-2025-13952",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "A web page containing unusual GPU shader code triggers a write use-after-free crash in the GPU shader compiler, potentially enabling further exploits on devices where the compiler operates with system-level privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-13952 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-13952.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-13952"
    },
    {
      "cve": "CVE-2025-20760",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Reachable Assertion",
          "title": "CWE-617"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem allows remote denial of service through uninitialized heap data reading due to an uncaught exception when connecting to a malicious base station, identified by Patch ID: MOLY01676750 and Issue ID: MSV-4653.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20760 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20760.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-20760"
    },
    {
      "cve": "CVE-2025-20761",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "The document outlines a vulnerability in Modem due to improper error handling, enabling remote denial of service via a rogue base station without user interaction, with a patch and issue ID provided.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20761 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20761.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-20761"
    },
    {
      "cve": "CVE-2025-20762",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Reachable Assertion",
          "title": "CWE-617"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem, identified by Patch ID MOLY01685181 and Issue ID MSV-4760, could lead to a remote denial of service via a rogue base station without user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20762 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20762.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-20762"
    },
    {
      "cve": "CVE-2025-20793",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem\u0027s error handling could enable remote denial of service via a rogue base station without user interaction, identified by Patch ID: MOLY01430930 and Issue ID: MSV-4836.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20793 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20793.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-20793"
    },
    {
      "cve": "CVE-2025-20794",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "description",
          "text": "The Modem has a vulnerability that could lead to a system crash via inadequate input validation, enabling remote denial of service through a rogue base station without user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20794 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20794.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-20794"
    },
    {
      "cve": "CVE-2025-20795",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "KeyInstall contains an out-of-bounds write vulnerability caused by a missing bounds check, which may enable local privilege escalation if the attacker already has System privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-20795 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-20795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-20795"
    },
    {
      "cve": "CVE-2025-32313",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A bounds check error in UsageEvents.java can lead to an out-of-bounds write, enabling local privilege escalation without requiring additional execution privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-32313 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32313.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-32313"
    },
    {
      "cve": "CVE-2025-38616",
      "cwe": {
        "id": "CWE-366",
        "name": "Race Condition within a Thread"
      },
      "notes": [
        {
          "category": "other",
          "text": "Race Condition within a Thread",
          "title": "CWE-366"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "Multiple updates to SUSE Linux Enterprise kernels addressed various security vulnerabilities, including memory leaks, race conditions, and use-after-free issues, particularly in TLS handling and the xfrm interface.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-38616 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-38616.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-38616"
    },
    {
      "cve": "CVE-2025-38618",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "Multiple SUSE Linux Enterprise and Linux Kernel updates address various security vulnerabilities, including buffer overflows, memory leaks, use-after-free issues, null pointer dereferences, and race conditions across different kernel versions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-38618 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-38618.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-38618"
    },
    {
      "cve": "CVE-2025-39682",
      "notes": [
        {
          "category": "description",
          "text": "Recent updates to SUSE Linux Enterprise kernels addressed multiple security vulnerabilities, including memory leaks, buffer overflows, and TLS handling issues, enhancing system stability and security across various versions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-39682 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-39682.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-39682"
    },
    {
      "cve": "CVE-2025-39946",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "SUSE Linux Enterprise kernels (15 SP6, SP7, and Azure) were updated to address multiple security vulnerabilities, including race conditions and memory management issues, alongside non-security improvements in ACPI and KVM.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-39946 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-39946.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-39946"
    },
    {
      "cve": "CVE-2025-40266",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the Linux kernel related to KVM on arm64 has been addressed by verifying offsets to prevent out-of-bounds access in the hypervisor FF-A memory share when untrusted values are provided.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-40266 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40266.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-40266"
    },
    {
      "cve": "CVE-2025-47339",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "The document describes a memory corruption vulnerability that occurs during the deinitialization phase of an HDCP session, potentially impacting the stability and security of the affected system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47339 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47339.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47339"
    },
    {
      "cve": "CVE-2025-47346",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A memory corruption vulnerability was identified during the processing of a secure logging command within a trusted application, potentially impacting system integrity.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47346 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47346.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47346"
    },
    {
      "cve": "CVE-2025-47348",
      "cwe": {
        "id": "CWE-457",
        "name": "Use of Uninitialized Variable"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Uninitialized Variable",
          "title": "CWE-457"
        },
        {
          "category": "description",
          "text": "Memory corruption was detected during identity credential operations within the trusted application, indicating a critical flaw in secure processing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47348 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47348.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47348"
    },
    {
      "cve": "CVE-2025-47366",
      "cwe": {
        "id": "CWE-749",
        "name": "Exposed Dangerous Method or Function"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposed Dangerous Method or Function",
          "title": "CWE-749"
        },
        {
          "category": "description",
          "text": "A cryptographic vulnerability occurs when a Trusted Zone running outdated code is triggered by a High-Level Operating System providing malformed input, potentially compromising secure operations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47366 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47366.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47366"
    },
    {
      "cve": "CVE-2025-47378",
      "cwe": {
        "id": "CWE-497",
        "name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive System Information to an Unauthorized Control Sphere",
          "title": "CWE-497"
        },
        {
          "category": "description",
          "text": "The document details a cryptographic vulnerability where a shared VM reference allows the High-Level Operating System (HLOS) to access the boot loader and certificate chain, posing a potential security risk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47378 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47378.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47378"
    },
    {
      "cve": "CVE-2025-47385",
      "cwe": {
        "id": "CWE-1262",
        "name": "Improper Access Control for Register Interface"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control for Register Interface",
          "title": "CWE-1262"
        },
        {
          "category": "description",
          "text": "A memory corruption vulnerability arises from improper privilege checks when accessing the trusted execution environment, potentially leading to unauthorized access or code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47385 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47385.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47385"
    },
    {
      "cve": "CVE-2025-47388",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "description",
          "text": "Memory corruption can occur when pages are passed to the DSP with an unaligned starting address, potentially leading to system instability or unexpected behavior.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47388 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47388.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47388"
    },
    {
      "cve": "CVE-2025-47394",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "description",
          "text": "Memory corruption arises during memory operations when overlapping buffers are copied due to incorrect offset calculations, leading to potential data integrity issues.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47394 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47394.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47394"
    },
    {
      "cve": "CVE-2025-47395",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "A transient denial-of-service vulnerability arises during the parsing of WLAN management frames containing a Vendor Specific Information Element, potentially disrupting network availability.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47395 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47395.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47395"
    },
    {
      "cve": "CVE-2025-47396",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Double Free",
          "title": "CWE-415"
        },
        {
          "category": "description",
          "text": "Memory corruption occurs when a secure application operates on a device with insufficient memory, potentially leading to unstable or insecure behavior.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47396 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47396.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47396"
    },
    {
      "cve": "CVE-2025-47397",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Memory after Effective Lifetime",
          "title": "CWE-401"
        },
        {
          "category": "description",
          "text": "Memory corruption arises during GPU memory mapping involving scatter-gather lists due to inadequate verification of IOMMU mapping errors, leading to potential system instability or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47397 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47397.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47397"
    },
    {
      "cve": "CVE-2025-47398",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "Memory corruption arises during the deallocation of GPU memory buffers due to improper handling of memory pointers, potentially leading to instability or exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47398 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47398.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47398"
    },
    {
      "cve": "CVE-2025-47402",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A transient denial-of-service (DoS) condition can occur when processing a received frame containing an excessively large authentication information element, potentially disrupting normal device operation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-47402 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47402.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-47402"
    },
    {
      "cve": "CVE-2025-48544",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
          "title": "CWE-89"
        },
        {
          "category": "description",
          "text": "Multiple locations are vulnerable to SQL injection, enabling unauthorized access to other applications\u0027 files and potentially leading to local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48544 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48544.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48544"
    },
    {
      "cve": "CVE-2025-48567",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "description",
          "text": "A file path filter designed to block access to sensitive directories can be bypassed due to improper Unicode normalization, enabling local privilege escalation with required user interaction but no additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48567 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48567.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48567"
    },
    {
      "cve": "CVE-2025-48568",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "description",
          "text": "A race condition in multiple locations can lead to a lockscreen bypass, enabling local privilege escalation without requiring additional execution privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48568 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48568.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48568"
    },
    {
      "cve": "CVE-2025-48574",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "A missing permission check in DisplayPolicy.java\u0027s validateAddingWindowLw function enables an app to intercept drag-and-drop events, potentially leading to local privilege escalation without user interaction or additional privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48574 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48574.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48574"
    },
    {
      "cve": "CVE-2025-48577",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "description",
          "text": "A race condition in multiple functions of KeyguardViewMediator.java can lead to a lockscreen bypass, enabling local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48577 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48577.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48577"
    },
    {
      "cve": "CVE-2025-48578",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "MediaProvider.java contains multiple functions lacking WRITE_EXTERNAL_STORAGE permission checks, potentially enabling local privilege escalation that requires user interaction for exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48578 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48578.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48578"
    },
    {
      "cve": "CVE-2025-48579",
      "cwe": {
        "id": "CWE-441",
        "name": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
          "title": "CWE-441"
        },
        {
          "category": "description",
          "text": "MediaProvider.java contains multiple functions that allow bypassing external storage write permissions, enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48579 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48579.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48579"
    },
    {
      "cve": "CVE-2025-48582",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
          "title": "CWE-59"
        },
        {
          "category": "description",
          "text": "A vulnerability enables deletion of media files without requiring MANAGE_EXTERNAL_STORAGE permission through intent redirection, allowing local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48582 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48582.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48582"
    },
    {
      "cve": "CVE-2025-48585",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "description",
          "text": "ProfilingService.java contains multiple functions with inadequate input validation, leading to a persistent local denial of service without requiring user interaction or elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48585 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48585.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48585"
    },
    {
      "cve": "CVE-2025-48587",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "description",
          "text": "ProfilingService.java contains multiple functions with inadequate input validation, leading to a persistent local denial of service without requiring user interaction or elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48587 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48587.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48587"
    },
    {
      "cve": "CVE-2025-48602",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in KeyguardViewMediator.java\u0027s exitKeyguardAndFinishSurfaceBehindRemoteAnimation function enables a lockscreen bypass, resulting in local privilege escalation without user interaction or elevated execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48602 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48602.json"
        }
      ],
      "title": "CVE-2025-48602"
    },
    {
      "cve": "CVE-2025-48605",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in KeyguardViewMediator.java allows a lockscreen bypass, enabling local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48605 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48605.json"
        }
      ],
      "title": "CVE-2025-48605"
    },
    {
      "cve": "CVE-2025-48609",
      "notes": [
        {
          "category": "description",
          "text": "MmsProvider.java contains a path traversal vulnerability enabling arbitrary file deletion, potentially causing local denial of service in telephony, SMS, and MMS functions without user interaction or additional privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48609 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48609.json"
        }
      ],
      "title": "CVE-2025-48609"
    },
    {
      "cve": "CVE-2025-48613",
      "notes": [
        {
          "category": "description",
          "text": "VBMeta images signed with a test key can be modified and resigned using the same key, potentially enabling local privilege escalation without requiring additional execution privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48613 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48613.json"
        }
      ],
      "title": "CVE-2025-48613"
    },
    {
      "cve": "CVE-2025-48619",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in ContentProvider.java permits applications with read-only access to truncate files, enabling local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48619 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48619.json"
        }
      ],
      "title": "CVE-2025-48619"
    },
    {
      "cve": "CVE-2025-48630",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in SkiaRenderEngine.cpp\u0027s drawLayersInternal function allows local attackers to exploit GPU cache side channel information disclosure, leading to privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48630 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48630.json"
        }
      ],
      "title": "CVE-2025-48630"
    },
    {
      "cve": "CVE-2025-48631",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "description",
          "text": "A persistent denial of service vulnerability exists in the onHeaderDecoded method of LocalImageResolver.java, enabling remote exploitation without user interaction or additional privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48631 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48631.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48631"
    },
    {
      "cve": "CVE-2025-48634",
      "notes": [
        {
          "category": "description",
          "text": "A missing permission check in relayoutWindow of WindowManagerService.java enables a tapjacking attack, allowing local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48634 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48634.json"
        }
      ],
      "title": "CVE-2025-48634"
    },
    {
      "cve": "CVE-2025-48635",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in TaskFragmentOrganizerController.java can cause an activity token leak, potentially enabling local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48635 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48635.json"
        }
      ],
      "title": "CVE-2025-48635"
    },
    {
      "cve": "CVE-2025-48641",
      "notes": [
        {
          "category": "description",
          "text": "A race condition in multiple functions of Nfc.h can lead to use-after-free vulnerabilities, enabling local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48641 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48641.json"
        }
      ],
      "title": "CVE-2025-48641"
    },
    {
      "cve": "CVE-2025-48642",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in the jump_to_payload function of payload.rs can lead to local information disclosure without requiring additional privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48642 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48642.json"
        }
      ],
      "title": "CVE-2025-48642"
    },
    {
      "cve": "CVE-2025-48644",
      "notes": [
        {
          "category": "description",
          "text": "The document details a persistent local denial of service vulnerability stemming from improper input validation, exploitable without user interaction or elevated privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48644 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48644.json"
        }
      ],
      "title": "CVE-2025-48644"
    },
    {
      "cve": "CVE-2025-48645",
      "notes": [
        {
          "category": "description",
          "text": "The loadDescription method in DeviceAdminInfo.java contains an input validation flaw that can lead to local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48645 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48645.json"
        }
      ],
      "title": "CVE-2025-48645"
    },
    {
      "cve": "CVE-2025-48646",
      "cwe": {
        "id": "CWE-441",
        "name": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
          "title": "CWE-441"
        },
        {
          "category": "description",
          "text": "A vulnerability in ActivityStarter.java\u0027s executeRequest method enables local privilege escalation via a confused deputy issue, requiring user interaction for exploitation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48646 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48646.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48646"
    },
    {
      "cve": "CVE-2025-48650",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
          "title": "CWE-89"
        },
        {
          "category": "description",
          "text": "The document details a SQL injection vulnerability enabling information disclosure and local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48650 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48650.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-48650"
    },
    {
      "cve": "CVE-2025-48653",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in the loadDataAndPostValue function across multiple files may obscure permission usage, potentially enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48653 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48653.json"
        }
      ],
      "title": "CVE-2025-48653"
    },
    {
      "cve": "CVE-2025-48654",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in the onStart method of CompanionDeviceManagerService.java introduces a confused deputy vulnerability enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48654 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48654.json"
        }
      ],
      "title": "CVE-2025-48654"
    },
    {
      "cve": "CVE-2025-58407",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
          "title": "CWE-367"
        },
        {
          "category": "description",
          "text": "A TOCTOU race condition in GPU firmware can be exploited by kernel or driver software on a guest VM to access memory beyond its allocation, potentially enabling virtual machine escape.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58407 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58407.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-58407"
    },
    {
      "cve": "CVE-2025-58408",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "Running software as a non-privileged user can trigger improper GPU system calls that read stale data, causing kernel exceptions and use-after-free vulnerabilities due to unbalanced resource reference counts.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58408 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58408.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-58408"
    },
    {
      "cve": "CVE-2025-58409",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "description",
          "text": "Non-privileged software can exploit GPU system calls to write to arbitrary physical memory, enabling unauthorized modifications and potential corruption of kernel and driver data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58409 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58409.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-58409"
    },
    {
      "cve": "CVE-2025-58411",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "Running software as a non-privileged user can cause improper GPU system calls, leading to resource mismanagement and use-after-free vulnerabilities due to incorrect reference counting.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58411 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58411.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-58411"
    },
    {
      "cve": "CVE-2025-59600",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "description",
          "text": "Memory corruption vulnerabilities arise when user-supplied data is incorporated without verifying sufficient buffer space, potentially leading to unstable or exploitable program behavior.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59600 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59600.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-59600"
    },
    {
      "cve": "CVE-2025-64783",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "DNG SDK versions 1.7.0 and earlier are vulnerable to arbitrary code execution via an Integer Overflow or Wraparound, necessitating user interaction to exploit through the opening of a malicious file.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64783 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64783.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-64783"
    },
    {
      "cve": "CVE-2025-64784",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "description",
          "text": "DNG SDK versions 1.7.0 and earlier are vulnerable to a Heap-based Buffer Overflow, which can lead to memory exposure or application denial of service through user interaction with malicious files.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64784 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64784.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-64784"
    },
    {
      "cve": "CVE-2025-64893",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "DNG SDK versions 1.7.0 and earlier are vulnerable to an Out-of-bounds Read issue, potentially leading to memory exposure or application denial of service through user interaction with malicious files.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64893 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64893.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-64893"
    },
    {
      "cve": "CVE-2025-69278",
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-69278 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-69278.json"
        }
      ],
      "title": "CVE-2025-69278"
    },
    {
      "cve": "CVE-2025-69279",
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-69279 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-69279.json"
        }
      ],
      "title": "CVE-2025-69279"
    },
    {
      "cve": "CVE-2026-0005",
      "notes": [
        {
          "category": "description",
          "text": "A missing permission check in onServiceDisconnected of KeyguardServiceDelegate.java allows partial bypass of app pinning, enabling limited interaction with other apps and potential local information disclosure.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0005 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0005.json"
        }
      ],
      "title": "CVE-2026-0005"
    },
    {
      "cve": "CVE-2026-0006",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "description",
          "text": "The document details a heap buffer overflow vulnerability enabling out-of-bounds read and write operations, which can lead to remote code execution without user interaction or elevated privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0006 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0006.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0006"
    },
    {
      "cve": "CVE-2026-0007",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in WindowInfo.cpp\u0027s writeToParcel function enables tapjacking and overlay attacks that can trick users into granting permissions, potentially leading to local privilege escalation without user interaction or additional privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0007 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0007.json"
        }
      ],
      "title": "CVE-2026-0007"
    },
    {
      "cve": "CVE-2026-0008",
      "cwe": {
        "id": "CWE-441",
        "name": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
          "title": "CWE-441"
        },
        {
          "category": "description",
          "text": "A confused deputy vulnerability in multiple locations enables local privilege escalation without requiring additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0008 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0008.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0008"
    },
    {
      "cve": "CVE-2026-0010",
      "notes": [
        {
          "category": "description",
          "text": "A missing bounds check in onTransact of IDrmManagerService.cpp can lead to an out-of-bounds write, potentially enabling local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0010 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0010.json"
        }
      ],
      "title": "CVE-2026-0010"
    },
    {
      "cve": "CVE-2026-0011",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in the enableSystemPackageLPw function of Settings.java can block location access, enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0011 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0011.json"
        }
      ],
      "title": "CVE-2026-0011"
    },
    {
      "cve": "CVE-2026-0012",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in the setHideSensitive method of ExpandableNotificationRow.java can cause a contact name leak, resulting in local information disclosure without user interaction or additional privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0012 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0012.json"
        }
      ],
      "title": "CVE-2026-0012"
    },
    {
      "cve": "CVE-2026-0013",
      "cwe": {
        "id": "CWE-441",
        "name": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
          "title": "CWE-441"
        },
        {
          "category": "description",
          "text": "The setupLayout method in PickActivity.java contains a confused deputy vulnerability enabling any activity to be started as a DocumentsUI app, potentially causing local privilege escalation without user interaction or extra privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0013 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0013.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0013"
    },
    {
      "cve": "CVE-2026-0014",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "description",
          "text": "The isPackageNullOrSystem function in AppOpsService.java contains a vulnerability due to improper input validation, enabling a persistent local denial of service without user interaction or elevated privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0014 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0014.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0014"
    },
    {
      "cve": "CVE-2026-0015",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "description",
          "text": "AppOpsService.java contains multiple improper input validation flaws that can lead to a persistent local denial of service without requiring user interaction or elevated privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0015 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0015.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0015"
    },
    {
      "cve": "CVE-2026-0017",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in the onChange method of BiometricService.java can enable fingerprint unlock, resulting in local privilege escalation without requiring additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0017 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0017.json"
        }
      ],
      "title": "CVE-2026-0017"
    },
    {
      "cve": "CVE-2026-0020",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        },
        {
          "category": "description",
          "text": "A permissions bypass vulnerability in the parsePermissionGroup function of ParsedPermissionUtils.java enables local privilege escalation without requiring user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0020 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0020.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0020"
    },
    {
      "cve": "CVE-2026-0021",
      "cwe": {
        "id": "CWE-441",
        "name": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
          "title": "CWE-441"
        },
        {
          "category": "description",
          "text": "A cross-user permission bypass vulnerability in the hasInteractAcrossUsersFullPermission method of AppInfoBase.java can enable local privilege escalation without requiring user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0021 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0021.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0021"
    },
    {
      "cve": "CVE-2026-0023",
      "notes": [
        {
          "category": "description",
          "text": "A missing permission check in createSessionInternal of PackageInstallerService.java enables an app to update its ownership, leading to local privilege escalation without user interaction or additional privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0023 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0023.json"
        }
      ],
      "title": "CVE-2026-0023"
    },
    {
      "cve": "CVE-2026-0024",
      "notes": [
        {
          "category": "description",
          "text": "A missing permission check in MediaProvider.java\u0027s isRedactionNeededForOpenViaContentResolver function may lead to local disclosure of media location data without user interaction or additional privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0024 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0024.json"
        }
      ],
      "title": "CVE-2026-0024"
    },
    {
      "cve": "CVE-2026-0025",
      "notes": [
        {
          "category": "description",
          "text": "A permissions bypass vulnerability in Notification.java\u0027s hasImage method may lead to information disclosure across users, potentially enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0025 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0025.json"
        }
      ],
      "title": "CVE-2026-0025"
    },
    {
      "cve": "CVE-2026-0026",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "A logic error in PermissionManagerServiceImpl.java\u0027s removePermission method allows overriding any system permission, enabling local privilege escalation with user interaction but no additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0026 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0026.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0026"
    },
    {
      "cve": "CVE-2026-0027",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "description",
          "text": "A use-after-free vulnerability in the smmu_detach_dev function of arm-smmu-v3.c can lead to an out-of-bounds write, potentially enabling local privilege escalation without requiring user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0027 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0027.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0027"
    },
    {
      "cve": "CVE-2026-0028",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "An integer overflow in the __pkvm_host_share_guest function of mem_protect.c may cause an out-of-bounds write, enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0028 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0028.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0028"
    },
    {
      "cve": "CVE-2026-0029",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in the __pkvm_init_vm function of pkvm.c can lead to memory corruption, potentially enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0029 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0029.json"
        }
      ],
      "title": "CVE-2026-0029"
    },
    {
      "cve": "CVE-2026-0030",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A vulnerability in the __host_check_page_state_range function of mem_protect.c allows an out-of-bounds write due to improper bounds checking, potentially enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0030 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0030.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0030"
    },
    {
      "cve": "CVE-2026-0031",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "Multiple functions in mem_protect.c contain integer overflow vulnerabilities leading to out-of-bounds writes, which can enable local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0031 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0031.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0031"
    },
    {
      "cve": "CVE-2026-0032",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in mem_protect.c leads to a potential out-of-bounds write, enabling local privilege escalation without requiring user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0032 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0032.json"
        }
      ],
      "title": "CVE-2026-0032"
    },
    {
      "cve": "CVE-2026-0034",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "description",
          "text": "A local privilege escalation vulnerability exists in ManagedServices.java\u0027s setPackageOrComponentEnabled function due to improper input validation causing notification policy desynchronization without user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0034 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0034.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0034"
    },
    {
      "cve": "CVE-2026-0035",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A logic error in MediaProvider.java\u0027s createRequest method allows unauthorized read/write access to non-existing files, enabling local privilege escalation without user interaction or additional execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0035 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0035.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0035"
    },
    {
      "cve": "CVE-2026-0037",
      "notes": [
        {
          "category": "description",
          "text": "Multiple functions in ffa.c contain a logic error that may lead to memory corruption, potentially enabling local privilege escalation without additional execution privileges or user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0037 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0037.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0037"
    },
    {
      "cve": "CVE-2026-0038",
      "notes": [
        {
          "category": "description",
          "text": "A logic error in mem_protect.c functions enables arbitrary code execution, potentially resulting in local privilege escalation without requiring user interaction or elevated execution privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0038 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0038.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0038"
    },
    {
      "cve": "CVE-2026-0047",
      "cwe": {
        "id": "CWE-280",
        "name": "Improper Handling of Insufficient Permissions or Privileges "
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Insufficient Permissions or Privileges ",
          "title": "CWE-280"
        },
        {
          "category": "description",
          "text": "A missing permission check in dumpBitmapsProto of ActivityManagerService.java enables an application to access private information, potentially leading to local privilege escalation without user interaction or additional privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-0047 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0047.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-0047"
    },
    {
      "cve": "CVE-2026-20401",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Reachable Assertion",
          "title": "CWE-617"
        },
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem could lead to a remote denial of service via a rogue base station due to an uncaught exception, with a patch (MOLY01738310) available.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20401 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20401.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20401"
    },
    {
      "cve": "CVE-2026-20402",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "The modem has a vulnerability due to inadequate input validation, which may lead to a system crash and allow remote denial of service via a rogue base station, with a patch available (Patch ID: MOLY00693083, Issue ID: MSV-5928).",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20402 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20402.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20402"
    },
    {
      "cve": "CVE-2026-20403",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem due to a missing bounds check could enable remote denial of service via a rogue base station without user interaction, with patches available under specific IDs.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20403 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20403.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20403"
    },
    {
      "cve": "CVE-2026-20404",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem can lead to system crashes via improper input validation, enabling remote denial of service through a rogue base station, with a patch available (Patch ID: MOLY01689248, Issue ID: MSV-4837).",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20404 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20404.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20404"
    },
    {
      "cve": "CVE-2026-20405",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Reachable Assertion",
          "title": "CWE-617"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem due to a missing bounds check could enable remote denial of service via a rogue base station, with a patch (MOLY01688495) available to address this issue.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20405 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20405.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20405"
    },
    {
      "cve": "CVE-2026-20406",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem could lead to a remote denial of service via a rogue base station due to an uncaught exception, with a patch (MOLY01726634) available for resolution.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20406 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20406.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20406"
    },
    {
      "cve": "CVE-2026-20420",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem\u0027s error handling could lead to a remote denial of service via a rogue base station, with a patch (MOLY01738313) available for resolution.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20420 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20420.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20420"
    },
    {
      "cve": "CVE-2026-20421",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "The modem has a vulnerability due to improper input validation that may lead to a system crash and remote denial of service via a rogue base station, with a patch available (Patch ID: MOLY01738293, Issue ID: MSV-5922).",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20421 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20421.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20421"
    },
    {
      "cve": "CVE-2026-20422",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Reachable Assertion",
          "title": "CWE-617"
        },
        {
          "category": "description",
          "text": "A vulnerability in Modem could lead to a system crash due to insufficient input validation, enabling remote denial of service via a rogue base station, with a patch available (Patch ID: MOLY00827332, Issue ID: MSV-5919).",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20422 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20422.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20422"
    },
    {
      "cve": "CVE-2026-20425",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A missing bounds check in the display component can lead to an out-of-bounds write, enabling local privilege escalation if the attacker already has System privileges, without requiring user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20425 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20425.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20425"
    },
    {
      "cve": "CVE-2026-20426",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A missing bounds check in the display component can lead to an out-of-bounds write, enabling local privilege escalation without user interaction if the attacker already has System privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20426 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20426.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20426"
    },
    {
      "cve": "CVE-2026-20427",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A missing bounds check in the display component can lead to local privilege escalation without user interaction if the attacker already has System privileges, as addressed by Patch ALPS10320471 (Issue MSV-5537).",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20427 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20427.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20427"
    },
    {
      "cve": "CVE-2026-20428",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A missing bounds check in the display component can lead to an out-of-bounds write, enabling local privilege escalation if the attacker already has System privileges, without requiring user interaction.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20428 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20428.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20428"
    },
    {
      "cve": "CVE-2026-20434",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "A missing bounds check in the Modem can lead to an out-of-bounds write, potentially enabling remote privilege escalation if a user equipment connects to a rogue base station, requiring user interaction for exploitation.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20434 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20434.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-20434"
    },
    {
      "cve": "CVE-2026-20988",
      "notes": [
        {
          "category": "description",
          "text": "A local attacker can exploit improper intent verification in the Settings broadcast receiver to launch arbitrary activities with Settings privileges, requiring user interaction, fixed in SMR Mar-2026 Release 1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20988 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20988.json"
        }
      ],
      "title": "CVE-2026-20988"
    },
    {
      "cve": "CVE-2026-20989",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Font Settings before SMR Mar-2026 Release 1 allows physical attackers to exploit improper cryptographic signature verification to use custom fonts.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20989 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20989.json"
        }
      ],
      "title": "CVE-2026-20989"
    },
    {
      "cve": "CVE-2026-20990",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Secure Folder before SMR Mar-2026 Release 1 allows local attackers to exploit improperly exported Android application components to execute arbitrary activities with elevated Secure Folder privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20990 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20990.json"
        }
      ],
      "title": "CVE-2026-20990"
    },
    {
      "cve": "CVE-2026-20991",
      "notes": [
        {
          "category": "description",
          "text": "A local privilege escalation vulnerability in ThemeManager before SMR Mar-2026 Release 1 allows attackers to reuse trial contents due to improper privilege management.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20991 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20991.json"
        }
      ],
      "title": "CVE-2026-20991"
    },
    {
      "cve": "CVE-2026-20992",
      "notes": [
        {
          "category": "description",
          "text": "A local attacker can exploit improper authorization in Settings before SMR Mar-2026 Release 1 to disable background data usage configuration for applications, potentially impacting device data management controls.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20992 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20992.json"
        }
      ],
      "title": "CVE-2026-20992"
    },
    {
      "cve": "CVE-2026-21385",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "The document addresses memory corruption issues arising from improper use of alignments during memory allocation, which can lead to unstable program behavior and potential security risks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21385 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21385.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-21385"
    },
    {
      "cve": "CVE-2026-21735",
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21735 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21735.json"
        }
      ],
      "title": "CVE-2026-21735"
    }
  ]
}

FKIE_CVE-2025-47378

Vulnerability from fkie_nvd - Published: 2026-03-02 17:16 - Updated: 2026-03-05 20:38

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Summary

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.

References

	URL	Tags
	product-security@qualcomm.com	https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html	Vendor Advisory

Impacted products

Vendor	Product	Version
qualcomm	cologne_firmware	-
qualcomm	cologne	-
qualcomm	fastconnect_6700_firmware	-
qualcomm	fastconnect_6700	-
qualcomm	fastconnect_6800_firmware	-
qualcomm	fastconnect_6800	-
qualcomm	fastconnect_6900_firmware	-
qualcomm	fastconnect_6900	-
qualcomm	fastconnect_7800_firmware	-
qualcomm	fastconnect_7800	-
qualcomm	lemans_au_lgit_firmware	-
qualcomm	lemans_au_lgit	-
qualcomm	lemansau_firmware	-
qualcomm	lemansau	-
qualcomm	pandeiro_firmware	-
qualcomm	pandeiro	-
qualcomm	qam8255p_firmware	-
qualcomm	qam8255p	-
qualcomm	qamsrv1h_firmware	-
qualcomm	qamsrv1h	-
qualcomm	qamsrv1m_firmware	-
qualcomm	qamsrv1m	-
qualcomm	qca6391_firmware	-
qualcomm	qca6391	-
qualcomm	qca6595_firmware	-
qualcomm	qca6595	-
qualcomm	qca6595au_firmware	-
qualcomm	qca6595au	-
qualcomm	qca6696_firmware	-
qualcomm	qca6696	-
qualcomm	qca6698aq_firmware	-
qualcomm	qca6698aq	-
qualcomm	qca6797aq_firmware	-
qualcomm	qca6797aq	-
qualcomm	qln1083bd_firmware	-
qualcomm	qln1083bd	-
qualcomm	qln1086bd_firmware	-
qualcomm	qln1086bd	-
qualcomm	qpa1083bd_firmware	-
qualcomm	qpa1083bd	-
qualcomm	qpa1086bd_firmware	-
qualcomm	qpa1086bd	-
qualcomm	qxm1083_firmware	-
qualcomm	qxm1083	-
qualcomm	qxm1086_firmware	-
qualcomm	qxm1086	-
qualcomm	qxm1093_firmware	-
qualcomm	qxm1093	-
qualcomm	qxm1094_firmware	-
qualcomm	qxm1094	-
qualcomm	qxm1095_firmware	-
qualcomm	qxm1095	-
qualcomm	qxm1096_firmware	-
qualcomm	qxm1096	-
qualcomm	sa7255p_firmware	-
qualcomm	sa7255p	-
qualcomm	sa7775p_firmware	-
qualcomm	sa7775p	-
qualcomm	sa8255p_firmware	-
qualcomm	sa8255p	-
qualcomm	sa8620p_firmware	-
qualcomm	sa8620p	-
qualcomm	sa8770p_firmware	-
qualcomm	sa8770p	-
qualcomm	sa9000p_firmware	-
qualcomm	sa9000p	-
qualcomm	sar1165p_firmware	-
qualcomm	sar1165p	-
qualcomm	sar1250p_firmware	-
qualcomm	sar1250p	-
qualcomm	sar2130p_firmware	-
qualcomm	sar2130p	-
qualcomm	sar2230p_firmware	-
qualcomm	sar2230p	-
qualcomm	sd865_5g_firmware	-
qualcomm	sd865_5g	-
qualcomm	snapdragon_8_elite_gen_5_firmware	-
qualcomm	snapdragon_8_elite_gen_5	-
qualcomm	snapdragon_865_5g_mobile_platform_firmware	-
qualcomm	snapdragon_865_5g_mobile_platform	-
qualcomm	snapdragon_865\+_5g_mobile_platform_firmware	-
qualcomm	snapdragon_865\+_5g_mobile_platform	-
qualcomm	snapdragon_870_5g_mobile_platform_firmware	-
qualcomm	snapdragon_870_5g_mobile_platform	-
qualcomm	snapdragon_ar1_gen_1_platform_firmware	-
qualcomm	snapdragon_ar1_gen_1_platform	-
qualcomm	snapdragon_ar1\+_gen_1_platform_firmware	-
qualcomm	snapdragon_ar1\+_gen_1_platform	-
qualcomm	snapdragon_x55_5g_modem-rf_system_firmware	-
qualcomm	snapdragon_x55_5g_modem-rf_system	-
qualcomm	snapdragon_xr2_5g_platform_firmware	-
qualcomm	snapdragon_xr2_5g_platform	-
qualcomm	snapdragon_xr2\+_gen_1_platform_firmware	-
qualcomm	snapdragon_xr2\+_gen_1_platform	-
qualcomm	srv1h_firmware	-
qualcomm	srv1h	-
qualcomm	srv1m_firmware	-
qualcomm	srv1m	-
qualcomm	sxr2230p_firmware	-
qualcomm	sxr2230p	-
qualcomm	sxr2250p_firmware	-
qualcomm	sxr2250p	-
qualcomm	wcd9378c_firmware	-
qualcomm	wcd9378c	-
qualcomm	wcd9380_firmware	-
qualcomm	wcd9380	-
qualcomm	wcd9385_firmware	-
qualcomm	wcd9385	-
qualcomm	wcd9395_firmware	-
qualcomm	wcd9395	-
qualcomm	wcn3950_firmware	-
qualcomm	wcn3950	-
qualcomm	wcn7860_firmware	-
qualcomm	wcn7860	-
qualcomm	wcn7861_firmware	-
qualcomm	wcn7861	-
qualcomm	wsa8810_firmware	-
qualcomm	wsa8810	-
qualcomm	wsa8815_firmware	-
qualcomm	wsa8815	-
qualcomm	wsa8830_firmware	-
qualcomm	wsa8830	-
qualcomm	wsa8832_firmware	-
qualcomm	wsa8832	-
qualcomm	wsa8835_firmware	-
qualcomm	wsa8835	-
qualcomm	wsa8840_firmware	-
qualcomm	wsa8840	-
qualcomm	wsa8845_firmware	-
qualcomm	wsa8845	-
qualcomm	wsa8845h_firmware	-
qualcomm	wsa8845h	-
qualcomm	x2000077_firmware	-
qualcomm	x2000077	-
qualcomm	x2000086_firmware	-
qualcomm	x2000086	-
qualcomm	x2000090_firmware	-
qualcomm	x2000090	-
qualcomm	x2000092_firmware	-
qualcomm	x2000092	-
qualcomm	x2000094_firmware	-
qualcomm	x2000094	-
qualcomm	xg101002_firmware	-
qualcomm	xg101002	-
qualcomm	xg101032_firmware	-
qualcomm	xg101032	-
qualcomm	xg101039_firmware	-
qualcomm	xg101039	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:cologne_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF959C0-5AAB-4DC5-AE8F-4EFA21A00B5E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:cologne:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E31E0C48-FB61-47C8-B28B-3A701E85E126",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:lemans_au_lgit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5767FE95-737F-4C20-A5AB-EC641A68D906",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:lemans_au_lgit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33323A49-9267-421B-96E1-80C5FA709EBC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:lemansau_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DF0ED3F-C98B-458E-ADCC-C922402BB185",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:lemansau:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "102A4B5E-1739-4C31-A626-ABF6B02FEE29",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23F8EF0C-BB48-47E1-A045-254D79388F75",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:pandeiro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "058950FC-ED72-4E91-AE13-87E738ADC083",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3723C7B1-A7E2-401F-8D6D-189350F6BCA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B12B89EF-7B12-481E-BCBC-F12B9D16321A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8673334-5E11-4E95-B33D-3029499F71DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC0B32F6-5EF0-4591-99D7-D0E9B09DEC5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE03AB2A-3ED9-4489-8E5B-4FCF8BAA8559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qamsrv1m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E646738-6A87-4470-9640-6A5A1DF3AF78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "797295C2-535C-46A9-A725-E1A5405F0436",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BFC575E-594E-4711-94B1-2DC8D03B9AC4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qln1083bd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD70F234-1EE7-4362-97F6-5AEDB7078D03",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qln1083bd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C569A848-B70C-42EF-B6D5-4A86547586EE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qln1086bd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F218DF06-C40A-4738-ABB5-A3FA2243EF84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qln1086bd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E2A0CD0-66FA-45D6-BBC7-03641203EC73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qpa1083bd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0208F7B-A959-485E-B004-A34CB7C7C4C9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qpa1083bd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBDAC812-4603-4D24-A861-23825E32D44E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qpa1086bd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F6DEF72-A8FF-4B67-AA6C-5CB4AA7B35E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qpa1086bd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00EF6875-B088-40BD-A526-C962789CDC5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qxm1083_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CE74B89-5E3F-428E-8000-E3452B8B6953",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qxm1083:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC11B7A6-E621-463D-B861-6B203EADFA57",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qxm1086_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E48759CC-B751-4466-87DF-2D0AB220C0FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qxm1086:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F1C9D2-6616-4F74-85C2-1850B5C3F6BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qxm1093_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A46B609-BD06-4BB7-B055-1F71C555E93D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qxm1093:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59598462-1E53-4F6D-BAB5-06ACEDF6CD9F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qxm1094_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F30D66E-2802-4394-BC39-5E04711234FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qxm1094:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "078EC383-784F-4468-B94C-AE7CC9808419",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qxm1095_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7B67C93-0453-4696-8F3D-0AD664922C44",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qxm1095:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D61C46AA-9130-46A8-BD04-8B4235118B81",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qxm1096_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E2D5E44-48F6-41E8-A38B-A2E070E16AA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qxm1096:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD0372F-5140-4966-9A27-6B5A606C0665",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B651F0A-34DA-400F-A376-B499BFDF8E86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sa7255p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF093D-98C8-470F-8330-E5126E06343A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C32CA38-5D48-4108-9858-FD66E20CAF2F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sa7775p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1997F8B-17B8-4DE3-BCF7-726928720592",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6E268D-C4AF-4950-9223-39EA36D538A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ACE6D64-A498-482F-8270-718F4884CFFD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sa8620p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6E016D6-1B83-4261-A27E-1F9873F81E14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "781CCC31-C08F-499B-BE73-6C7DB70437AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75AFAA21-0589-4C6A-9418-34EE8A61BBAD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A024AB04-B213-4018-A4C1-FA467C7BA775",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2A8AB7C-5D34-4794-8C06-2193075B323F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sar1165p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D97CD52-4CB0-4F57-9C24-530B326B8D9D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sar1165p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "582EE932-DDE5-4BE5-837C-523FE3EFBA5D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sar1250p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACFDDB41-3DCC-4A25-8D28-64D3EF7669C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sar1250p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "959050A3-E3E0-4CF3-B130-C2C22A2D9F82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sar2130p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95696696-D2AE-4358-AF5D-3ED14F969964",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sar2130p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A6FC469-463F-4EC1-B4EF-010BDB9BAA05",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sar2230p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACD4E4E9-8DDD-46C5-9D1E-7E86931DDDB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sar2230p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71634F26-E93B-49A0-9701-070E347A2976",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_elite_gen_5_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41070BDB-15E4-4DD7-A132-A14AA24978E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_elite_gen_5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "102460A6-9637-4883-9230-2CC888D5D74E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C9F4285-1F09-40CD-B1AA-84B406FD6A71",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g_mobile_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8623DD44-DFDD-442D-9789-11A527A450A4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22303AD4-779C-45A3-8F33-3864C45E4328",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g_mobile_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EC440D-D420-4477-8F14-427245B80631",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41446A77-6EF3-4570-BAD2-4C761A2C4E7F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g_mobile_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "448C401B-EF07-4385-A7B4-123D7808F64F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53E5BBDA-C07D-42E2-9A34-EC1F6454CAA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB2408F-C768-4DD2-B834-B62E188D6CC2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar1\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE30A5E0-10D5-4679-ACA6-4ED991335A6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar1\\+_gen_1_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA75B74-D20D-4C8B-BFA2-5DE4848410CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A129620-8241-4A47-AAC8-CC7E10A09C9C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CEDD78E-124C-4216-9B57-3B7B53463659",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF9740EB-F82E-42EA-993E-A393B05CC6BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "022A5532-03F7-4FB8-BA0D-4221178C9486",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD199F5-DA68-4BEB-AA99-11572DA26B4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ACA2D4D-FC77-4C1A-8278-1C27B3EA3303",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4B29E7F-8BFE-466A-B357-63F8A2160C4E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:srv1m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D55CC7D-2E65-4CA9-9892-B6FBCC087E6F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68A93ED1-F509-439E-AE7B-F0EC87AE759F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sxr2250p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5E2A98-EDD0-4298-911D-EC7527D5A424",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcd9378c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95D79E3A-1978-4B23-B60B-2BD47FEDF5C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcd9378c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B32C89-3238-4FDF-BB3F-F6BAE829769B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "699056F6-1517-4F25-AE07-4FFCF6923B9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4C023D2-6FF5-4FFC-B9F2-895979166580",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EB8794F-7998-424E-AF68-E4A4F9310F65",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "799D69CE-3FCC-4B19-8B00-9AF38111D983",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57608D47-894C-4895-B4B3-4733D55D57DB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA33DE15-C177-43B3-AD50-FF797753D12E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE1A5841-5BCB-4033-ACB9-23F3FCA65309",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B47BF35-3AA0-4667-842E-19B0FE30BF3C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A071672-9405-4418-9141-35CEADBB65AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7CF473-8B25-4851-91F2-1BD693CCDC85",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E591F2-8F72-4A5A-9264-2742EB2DABDA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:x2000077_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A91D253E-0E24-474F-B016-0AC783812EBF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:x2000077:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF588C55-E61D-46C6-98C3-647748AB0192",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:x2000086_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E763DC2C-2D41-483D-8763-8518AAFC8B09",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:x2000086:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD6A8C6-F716-42F3-A16A-70CDD2F72BCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:x2000090_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21436FFF-DC3A-4279-85BB-1D2F9D270FFC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:x2000090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "991A3700-C97D-4495-8281-A11E0472930C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:x2000092_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E23F8167-8C43-4CCC-B95B-1BF8462E1E90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:x2000092:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65E7DF1E-5CDE-4DF0-A952-A01BF059EB96",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:x2000094_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "789E6127-504B-4B50-B5C7-C7F7933378A1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:x2000094:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A029C9E-9F11-4D07-BD80-B9D00A379AAD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:xg101002_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7EAE86E-AC65-4C37-A23E-E4C9DBFDEE48",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:xg101002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71E5EA1A-F5AE-42B6-804B-59FE6016A691",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:xg101032_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45E15ACE-6573-43FC-8B38-A3B760C8B60D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:xg101032:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF3B92-6AA8-4494-A047-C0DAB82C01D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:xg101039_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C8F081D-479F-492A-9580-8EBE8011DA4E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:xg101039:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A96C6B0-5B33-45DA-B3B1-AD304B7AE313",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain."
    },
    {
      "lang": "es",
      "value": "Problema criptogr\u00e1fico cuando una referencia de VM compartida permite al HLOS arrancar el cargador de arranque y acceder a la cadena de certificados."
    }
  ],
  "id": "CVE-2025-47378",
  "lastModified": "2026-03-05T20:38:46.197",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "product-security@qualcomm.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-03-02T17:16:25.453",
  "references": [
    {
      "source": "product-security@qualcomm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html"
    }
  ],
  "sourceIdentifier": "product-security@qualcomm.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-497"
        }
      ],
      "source": "product-security@qualcomm.com",
      "type": "Primary"
    }
  ]
}

WID-SEC-W-2026-0569

Vulnerability from csaf_certbund - Published: 2026-03-02 23:00 - Updated: 2026-03-09 23:00

Summary

Google Android: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um sich erweiterte Berechtigungen zu verschaffen, beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder andere nicht näher spezifizierte Angriffe durchzuführen.

Betroffene Betriebssysteme

- Android

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "kritisch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um sich erweiterte Berechtigungen zu verschaffen, beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder andere nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Android",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0569 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0569.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0569 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0569"
      },
      {
        "category": "external",
        "summary": "Android Security Bulletin\u2014March 2026 vom 2026-03-02",
        "url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01"
      }
    ],
    "source_lang": "en-US",
    "title": "Google Android: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-03-09T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-10T09:16:50.471+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0569",
      "initial_release_date": "2026-03-02T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-02T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-03-08T23:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2025-208387, EUVD-2025-208386, EUVD-2025-208388, EUVD-2025-208389, EUVD-2025-208390, EUVD-2025-208392, EUVD-2025-208391, EUVD-2025-208393, EUVD-2025-208394, EUVD-2025-208396"
        },
        {
          "date": "2026-03-09T23:00:00.000+00:00",
          "number": "3",
          "summary": "Referenz(en) aufgenommen: EUVD-2025-208395"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "14 \u003c2026-03-01",
                "product": {
                  "name": "Google Android 14 \u003c2026-03-01",
                  "product_id": "T051339"
                }
              },
              {
                "category": "product_version",
                "name": "14 2026-03-01",
                "product": {
                  "name": "Google Android 14 2026-03-01",
                  "product_id": "T051339-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:14__2026-03-01"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "15 \u003c2026-03-01",
                "product": {
                  "name": "Google Android 15 \u003c2026-03-01",
                  "product_id": "T051340"
                }
              },
              {
                "category": "product_version",
                "name": "15 2026-03-01",
                "product": {
                  "name": "Google Android 15 2026-03-01",
                  "product_id": "T051340-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:15__2026-03-01"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "16-qpr2 \u003c2026-03-01",
                "product": {
                  "name": "Google Android 16-qpr2 \u003c2026-03-01",
                  "product_id": "T051342"
                }
              },
              {
                "category": "product_version",
                "name": "16-qpr2 2026-03-01",
                "product": {
                  "name": "Google Android 16-qpr2 2026-03-01",
                  "product_id": "T051342-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:16-qpr2__2026-03-01"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "16 \u003c2026-03-01",
                "product": {
                  "name": "Google Android 16 \u003c2026-03-01",
                  "product_id": "T051343"
                }
              },
              {
                "category": "product_version",
                "name": "16 2026-03-01",
                "product": {
                  "name": "Google Android 16 2026-03-01",
                  "product_id": "T051343-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:16__2026-03-01"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c2026-03-05",
                "product": {
                  "name": "Google Android \u003c2026-03-05",
                  "product_id": "T051344"
                }
              },
              {
                "category": "product_version",
                "name": "2026-03-05",
                "product": {
                  "name": "Google Android 2026-03-05",
                  "product_id": "T051344-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:2026-03-05"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Android"
          }
        ],
        "category": "vendor",
        "name": "Google"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-43766",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2024-43766"
    },
    {
      "cve": "CVE-2024-43859",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2024-43859"
    },
    {
      "cve": "CVE-2025-10865",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-10865"
    },
    {
      "cve": "CVE-2025-13952",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-13952"
    },
    {
      "cve": "CVE-2025-20760",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-20760"
    },
    {
      "cve": "CVE-2025-20761",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-20761"
    },
    {
      "cve": "CVE-2025-20762",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-20762"
    },
    {
      "cve": "CVE-2025-20793",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-20793"
    },
    {
      "cve": "CVE-2025-20794",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-20794"
    },
    {
      "cve": "CVE-2025-20795",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-20795"
    },
    {
      "cve": "CVE-2025-2879",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-2879"
    },
    {
      "cve": "CVE-2025-32313",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-32313"
    },
    {
      "cve": "CVE-2025-38616",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-38616"
    },
    {
      "cve": "CVE-2025-38618",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-38618"
    },
    {
      "cve": "CVE-2025-39682",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-39682"
    },
    {
      "cve": "CVE-2025-39946",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-39946"
    },
    {
      "cve": "CVE-2025-40266",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-40266"
    },
    {
      "cve": "CVE-2025-47339",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47339"
    },
    {
      "cve": "CVE-2025-47346",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47346"
    },
    {
      "cve": "CVE-2025-47348",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47348"
    },
    {
      "cve": "CVE-2025-47366",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47366"
    },
    {
      "cve": "CVE-2025-47378",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47378"
    },
    {
      "cve": "CVE-2025-47385",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47385"
    },
    {
      "cve": "CVE-2025-47388",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47388"
    },
    {
      "cve": "CVE-2025-47394",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47394"
    },
    {
      "cve": "CVE-2025-47395",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47395"
    },
    {
      "cve": "CVE-2025-47396",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47396"
    },
    {
      "cve": "CVE-2025-47397",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47397"
    },
    {
      "cve": "CVE-2025-47398",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47398"
    },
    {
      "cve": "CVE-2025-47402",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-47402"
    },
    {
      "cve": "CVE-2025-48544",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48544"
    },
    {
      "cve": "CVE-2025-48567",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48567"
    },
    {
      "cve": "CVE-2025-48568",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48568"
    },
    {
      "cve": "CVE-2025-48574",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48574"
    },
    {
      "cve": "CVE-2025-48577",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48577"
    },
    {
      "cve": "CVE-2025-48578",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48578"
    },
    {
      "cve": "CVE-2025-48579",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48579"
    },
    {
      "cve": "CVE-2025-48582",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48582"
    },
    {
      "cve": "CVE-2025-48585",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48585"
    },
    {
      "cve": "CVE-2025-48587",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48587"
    },
    {
      "cve": "CVE-2025-48602",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48602"
    },
    {
      "cve": "CVE-2025-48605",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48605"
    },
    {
      "cve": "CVE-2025-48609",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48609"
    },
    {
      "cve": "CVE-2025-48613",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48613"
    },
    {
      "cve": "CVE-2025-48619",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48619"
    },
    {
      "cve": "CVE-2025-48630",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48630"
    },
    {
      "cve": "CVE-2025-48631",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48631"
    },
    {
      "cve": "CVE-2025-48634",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48634"
    },
    {
      "cve": "CVE-2025-48635",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48635"
    },
    {
      "cve": "CVE-2025-48641",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48641"
    },
    {
      "cve": "CVE-2025-48642",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48642"
    },
    {
      "cve": "CVE-2025-48644",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48644"
    },
    {
      "cve": "CVE-2025-48645",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48645"
    },
    {
      "cve": "CVE-2025-48646",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48646"
    },
    {
      "cve": "CVE-2025-48650",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48650"
    },
    {
      "cve": "CVE-2025-48653",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48653"
    },
    {
      "cve": "CVE-2025-48654",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-48654"
    },
    {
      "cve": "CVE-2025-58407",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-58407"
    },
    {
      "cve": "CVE-2025-58408",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-58408"
    },
    {
      "cve": "CVE-2025-58409",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-58409"
    },
    {
      "cve": "CVE-2025-58411",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-58411"
    },
    {
      "cve": "CVE-2025-59600",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-59600"
    },
    {
      "cve": "CVE-2025-61612",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-61612"
    },
    {
      "cve": "CVE-2025-61613",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-61613"
    },
    {
      "cve": "CVE-2025-61614",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-61614"
    },
    {
      "cve": "CVE-2025-61615",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-61615"
    },
    {
      "cve": "CVE-2025-61616",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-61616"
    },
    {
      "cve": "CVE-2025-64783",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-64783"
    },
    {
      "cve": "CVE-2025-64784",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-64784"
    },
    {
      "cve": "CVE-2025-64893",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-64893"
    },
    {
      "cve": "CVE-2025-69278",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-69278"
    },
    {
      "cve": "CVE-2025-69279",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2025-69279"
    },
    {
      "cve": "CVE-2026-0005",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0005"
    },
    {
      "cve": "CVE-2026-0006",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0006"
    },
    {
      "cve": "CVE-2026-0007",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0007"
    },
    {
      "cve": "CVE-2026-0008",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0008"
    },
    {
      "cve": "CVE-2026-0010",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0010"
    },
    {
      "cve": "CVE-2026-0011",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0011"
    },
    {
      "cve": "CVE-2026-0012",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0012"
    },
    {
      "cve": "CVE-2026-0013",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0013"
    },
    {
      "cve": "CVE-2026-0014",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0014"
    },
    {
      "cve": "CVE-2026-0015",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0015"
    },
    {
      "cve": "CVE-2026-0017",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0017"
    },
    {
      "cve": "CVE-2026-0020",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0020"
    },
    {
      "cve": "CVE-2026-0021",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0021"
    },
    {
      "cve": "CVE-2026-0023",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0023"
    },
    {
      "cve": "CVE-2026-0024",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0024"
    },
    {
      "cve": "CVE-2026-0025",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0025"
    },
    {
      "cve": "CVE-2026-0026",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0026"
    },
    {
      "cve": "CVE-2026-0027",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0027"
    },
    {
      "cve": "CVE-2026-0028",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0028"
    },
    {
      "cve": "CVE-2026-0029",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0029"
    },
    {
      "cve": "CVE-2026-0030",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0030"
    },
    {
      "cve": "CVE-2026-0031",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0031"
    },
    {
      "cve": "CVE-2026-0032",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0032"
    },
    {
      "cve": "CVE-2026-0034",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0034"
    },
    {
      "cve": "CVE-2026-0035",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0035"
    },
    {
      "cve": "CVE-2026-0037",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0037"
    },
    {
      "cve": "CVE-2026-0038",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0038"
    },
    {
      "cve": "CVE-2026-0047",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-0047"
    },
    {
      "cve": "CVE-2026-20401",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20401"
    },
    {
      "cve": "CVE-2026-20402",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20402"
    },
    {
      "cve": "CVE-2026-20403",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20403"
    },
    {
      "cve": "CVE-2026-20404",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20404"
    },
    {
      "cve": "CVE-2026-20405",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20405"
    },
    {
      "cve": "CVE-2026-20406",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20406"
    },
    {
      "cve": "CVE-2026-20420",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20420"
    },
    {
      "cve": "CVE-2026-20421",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20421"
    },
    {
      "cve": "CVE-2026-20422",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20422"
    },
    {
      "cve": "CVE-2026-20425",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20425"
    },
    {
      "cve": "CVE-2026-20426",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20426"
    },
    {
      "cve": "CVE-2026-20427",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20427"
    },
    {
      "cve": "CVE-2026-20428",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20428"
    },
    {
      "cve": "CVE-2026-20434",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-20434"
    },
    {
      "cve": "CVE-2026-21385",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-21385"
    },
    {
      "cve": "CVE-2026-21735",
      "product_status": {
        "known_affected": [
          "T051340",
          "T051339",
          "T051342",
          "T051344",
          "T051343"
        ]
      },
      "release_date": "2026-03-02T23:00:00.000+00:00",
      "title": "CVE-2026-21735"
    }
  ]
}

CERTFR-2026-AVI-0231

Vulnerability from certfr_avis - Published: 2026-03-03 - Updated: 2026-03-03

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.

Google indique que la vulnérabilité CVE-2026-21385 est activement exploitée.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Google	Android	Android versions antérieures à 14, 15, 16, 16-qpr2 sans les correctifs de mars 2026

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-47378 (GCVE-0-2025-47378)

GHSA-HPQ4-RXRF-Q4QG

NCSC-2026-0074

FKIE_CVE-2025-47378

WID-SEC-W-2026-0569

CERTFR-2026-AVI-0231

Solutions

Tags

Sightings

Nomenclature