Security Vulnerabilities
Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication.
CVSS Score
9.8
EPSS Score
0.002
Published
2026-03-16
Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-16
Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability.
CVSS Score
5.0
EPSS Score
0.0
Published
2026-03-16
Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font.
CVSS Score
2.4
EPSS Score
0.0
Published
2026-03-16
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege.
CVSS Score
8.1
EPSS Score
0.0
Published
2026-03-16
Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents.
CVSS Score
4.4
EPSS Score
0.0
Published
2026-03-16
in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory.
CVSS Score
3.3
EPSS Score
0.0
Published
2026-03-16
Malformed ATAES132A responses with an oversized length field overflow a 52-byte stack buffer in the Zephyr crypto driver, allowing a compromised device or bus attacker to corrupt kernel memory and potentially hijack execution.
CVSS Score
3.8
EPSS Score
0.0
Published
2026-03-16
IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls.
CVSS Score
5.1
EPSS Score
0.0
Published
2026-03-16
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
CVSS Score
5.0
EPSS Score
0.0
Published
2026-03-16