CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-20436

In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00473802; Issue ID: MSV-5970.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.7%

CVSS Severity

CVSS v3 Score 6.7

References

https://corp.mediatek.com/product-security-bulletin/March-2026

Products affected by CVE-2026-20436

Mediatek » Nbiot Sdk » Version: 2.8.1

cpe:2.3:a:mediatek:nbiot_sdk:2.8.1
Mediatek » Nbiot Sdk » Version: 3.6

cpe:2.3:a:mediatek:nbiot_sdk:3.6
Mediatek » Mt7902 » Version: N/A

cpe:2.3:h:mediatek:mt7902:-
Mediatek » Mt7920 » Version: N/A

cpe:2.3:h:mediatek:mt7920:-
Mediatek » Mt7921 » Version: N/A

cpe:2.3:h:mediatek:mt7921:-
Mediatek » Mt7922 » Version: N/A

cpe:2.3:h:mediatek:mt7922:-
Mediatek » Mt7925 » Version: N/A

cpe:2.3:h:mediatek:mt7925:-
Mediatek » Mt7927 » Version: N/A

cpe:2.3:h:mediatek:mt7927:-
Mediatek » Mt8696 » Version: N/A

cpe:2.3:h:mediatek:mt8696:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-20436

Products

Pricing

Contact Us