CVE-2026-0082

HIGH google android NVD

CVSS Score 7.8

Severity HIGH

Published Jun 17, 2026

Vendor google

Description

In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Vendor Advisories

https://source.android.com/docs/security/bulletin/android-17

References

https://source.android.com/docs/security/bulletin/android-17