6.7
CVE-2026-20436 - Local Privilege Escalation via Missing Bounds Check in MediaTek WLAN STA Driver
In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00473802; Issue ID: MSV-597โฆ
4.6
CVE-2026-20435 - Local Information Disclosure via Preloader Logic Error in MediaTek Chipset
In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPโฆ
7.5
CVE-2026-20434 - Out-of-Bounds Write in MediaTek Modem Enables Remote Privilege Escalation
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. โฆ
8.8
CVE-2026-20430 - Out-of-Bounds Write in MediaTek Wireless Firmware Enables Privilege Escalation
In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00467553; Issue ID: MSV-5151.
6.7
CVE-2026-20428 - OutโofโBounds Write in MediaTek Display Code Enables Local Privilege Escalation
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5536.
6.7
CVE-2026-20427 - Missing Bounds Check Enables Local Privilege Escalation in MediaTek Display Subsystem
In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537.
6.7
CVE-2026-20426 - OutโofโBounds Write in MediaTek Chipset Enables Local Privilege Escalation
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538.
6.7
CVE-2026-20425 - OutโofโBounds Write in MediaTek Display Driver Enables Local Privilege Escalation
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539.
7.8
CVE-2026-20423 - Out-of-Bounds Write in Mediatek WLAN STA Driver Leads to Local Privilege Escalation
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465314; Issue ID: MSV-4956.
9.3
CVE-2026-3422 - e-Excellence๏ฝU-Office Force - Insecure Deserialization
U-Office Force developed by e-Excellence has a Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized content.