Falhas do tipo CWE-862
7.077 resultadosCVE-2025-48574HIGHIn validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permiEPSS 0.1%CVE-2022-39114MEDIUMIn Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional executEPSS 0.1%CVE-2023-42681HIGHIn ion service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution EPSS 0.1%CVE-2023-42736HIGHIn telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional executEPSS 0.1%CVE-2026-53818MEDIUMOpenClaw < 2026.4.24 - Owner-Only Tool Policy Bypass via MCP LoopbackEPSS 0.1%CVE-2026-0026HIGHIn removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error inEPSS 0.1%CVE-2023-42747HIGHIn camera service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional executiEPSS 0.1%CVE-2023-42740HIGHIn telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead tEPSS 0.1%CVE-2022-47361HIGHIn firewall service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges EPSS 0.1%CVE-2023-42698MEDIUMIn omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to EPSS 0.1%CVE-2023-42706MEDIUMIn firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead EPSS 0.1%CVE-2025-48640HIGHIn multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to reEPSS 0.1%CVE-2026-0024MEDIUMIn isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missinEPSS 0.1%CVE-2022-39119—In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution priviEPSS 0.1%CVE-2025-48634HIGHIn relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to locEPSS 0.1%CVE-2026-53820MEDIUMOpenClaw < 2026.5.12 - Exec Denylist Bypass in Bundle MCP Loopback Session SpawnEPSS 0.1%CVE-2022-44421MEDIUMIn wlan driver, there is a possible missing permission check. This could lead to local In wlan driver, information disclosure.EPSS 0.1%CVE-2018-9406MEDIUMIn NlpService, there is a possible way to obtain location information due to a missing permission check. This could lead to local escalationEPSS 0.1%CVE-2026-53850MEDIUMOpenClaw < 2026.4.25 - Control Scope Enforcement Bypass in Focus CommandEPSS 0.1%CVE-2025-11791MEDIUMSensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis CybEPSS 0.1%