Security Vulnerabilities - CVEs Published In 2026
Improper check for exceptional conditions in Recents prior to SMR Apr-2026 Release 1 allows physical attacker to bypass App Pinning.
CVSS Score
4.1
EPSS Score
0.0
Published
2026-04-13
Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions.
CVSS Score
6.6
EPSS Score
0.0
Published
2026-04-13
Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-04-13
External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local attacker to create file with system privilege.
CVSS Score
6.8
EPSS Score
0.0
Published
2026-04-13
Race condition vulnerability in the power consumption statistics module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-04-13
Out-of-bounds write vulnerability in the file system.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-04-13
Boundary-unlimited vulnerability in the application read module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.8
EPSS Score
0.0
Published
2026-04-13
UAF vulnerability in the screen management module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
2.5
EPSS Score
0.0
Published
2026-04-13
UAF vulnerability in the kernel module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVSS Score
5.7
EPSS Score
0.0
Published
2026-04-13
Out-of-bounds write vulnerability in the kernel module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVSS Score
5.7
EPSS Score
0.0
Published
2026-04-13