CVE-2025-36911

State: PUBLISHED · Published: 2026-01-15 · Updated: 2026-01-28 · Assigner: Google_Devices

Description

In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote (proximal/adjacent) information disclosure of user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE

(none)

Affected

Google / Android — v=Android kernel [affected]

CVSS

(none)

References

https://source.android.com/docs/security/bulletin/pixel/2026/2026-01-01 vendor-advisory

Source

cvelistV5-main/cves/2025/36xxx/CVE-2025-36911.json