CVE Catalog

CVE-2026-0158

LowCVSS 3.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.06%

0th percentile — higher than 0% of all known CVEs

Summary

In the Camera application, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

Risk Assessment

The organization may be exposed to the disclosure of users' private photos, which could lead to privacy violations and reputational damage.

Recommendation

It is recommended to implement proper permission checks in the Camera application to prevent unauthorized access to photos.

Original NVD description (English source)

In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS