CVE-2026-0056

3.3 LOW

In setTo of ResourceTypes.cpp, there is a possible read out of bounds due to an incorrect bounds check

Published: 2026-06-01 · Last updated: 2026-06-03

Severity and scoring

CVSS: 3.3 LOW
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE: CWE-120

Affected products

Vendor	Product
google	android

Description

In setTo of ResourceTypes.cpp, there is a possible read out of bounds due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-0056
[Vendor advisory]https://source.android.com/docs/security/bulletin/2026/2026-06-01

Related CVEs

Same vendor

CVE-2026-11701 — Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via ... (5.4 MEDIUM)
CVE-2026-11700 — Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to ... (8.3 HIGH)
CVE-2026-11699 — Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corrupt... (8.8 HIGH)
CVE-2026-11698 — Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corrupt... (8.8 HIGH)
CVE-2026-11697 — Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perfor... (9.6 CRITICAL)

Same CWE

CVE-2026-36818 — Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the wewifiWhiteUserInfo parameter... (7.5 HIGH)
CVE-2026-36817 — Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthWhiteUserInfo paramet... (7.5 HIGH)
CVE-2026-36816 — Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the wewifiWhiteUserInfo paramete... (7.5 HIGH)
CVE-2026-36815 — Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the hostname parameter of the fo... (7.5 HIGH)
CVE-2026-36811 — Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picName parameter of the for... (7.5 HIGH)