Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.4
Adobe Flash Player allows local attackers to gain elevated privileges
CVE-2026-0010
ASB-A-379695596
Summary
Adobe Flash Player has a security flaw that could allow a malicious user to gain more access to your computer than they should have. This means a hacker could potentially do more damage than they normally could. To stay safe, update Adobe Flash to the latest version available.
What to do
- Update google platform/frameworks/av to version 16-qpr2-next:2026-03-01.
- Update google platform/frameworks/av to version 15:2026-03-01.
- Update google platform/frameworks/av to version 16:2026-03-01.
- Update google platform/frameworks/av to version 14:2026-03-01.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| android | 14.0 | – | |
| android | 15.0 | – | |
| android | 16.0 | – | |
| platform/frameworks/av | > 16-qpr2-next:0 , <= 16-qpr2-next:2026-03-01 | 16-qpr2-next:2026-03-01 | |
| platform/frameworks/av | > 15:0 , <= 15:2026-03-01 | 15:2026-03-01 | |
| platform/frameworks/av | > 16:0 , <= 16:2026-03-01 | 16:2026-03-01 | |
| platform/frameworks/av | > 14:0 , <= 14:2026-03-01 | 14:2026-03-01 |
Original title
In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privile...
Original description
In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd CVSS3.1
8.4
Vulnerability type
CWE-787
Out-of-bounds Write
Published: 1 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026