Vulnerability Details CVE-2026-28576
In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 30.2%
CVSS Severity
CVSS v3 Score 5.5