CVE-2026-0148

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Jun 16, 2026

Vendor unknown

Description

In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

References

https://source.android.com/docs/security/bulletin/pixel/2026/2026-06-01