CVE-2026-0021

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

En hasInteractAcrossUsersFullPermission de AppInfoBase.java, existe una posible elusión de permisos entre usuarios debido a un delegado confuso. Esto podría llevar a una escalada local de privilegios sin necesidad de privilegios de ejecución adicionales. No se requiere interacción del usuario para la explotación.