CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-20438

In MAE, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431920; Issue ID: MSV-5835.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.3%

CVSS Severity

CVSS v3 Score 6.4

References

https://corp.mediatek.com/product-security-bulletin/March-2026

Products affected by CVE-2026-20438

Mediatek » Mt2718 » Version: N/A

cpe:2.3:h:mediatek:mt2718:-
Mediatek » Mt6899 » Version: N/A

cpe:2.3:h:mediatek:mt6899:-
Mediatek » Mt6991 » Version: N/A

cpe:2.3:h:mediatek:mt6991:-
Mediatek » Mt8168 » Version: N/A

cpe:2.3:h:mediatek:mt8168:-
Mediatek » Mt8169 » Version: N/A

cpe:2.3:h:mediatek:mt8169:-
Mediatek » Mt8186 » Version: N/A

cpe:2.3:h:mediatek:mt8186:-
Mediatek » Mt8188 » Version: N/A

cpe:2.3:h:mediatek:mt8188:-
Mediatek » Mt8678 » Version: N/A

cpe:2.3:h:mediatek:mt8678:-
Mediatek » Mt8695 » Version: N/A

cpe:2.3:h:mediatek:mt8695:-
Mediatek » Mt8696 » Version: N/A

cpe:2.3:h:mediatek:mt8696:-
Mediatek » Mt8793 » Version: N/A

cpe:2.3:h:mediatek:mt8793:-
Google » Android » Version: 15.0

cpe:2.3:o:google:android:15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-20438

Products

Pricing

Contact Us