Android Contact Name Leak Vulnerability in Notification Management

Vulnerability

A vulnerability has been identified in the Android notification management system, specifically within the 'setHideSensitive' method of 'ExpandableNotificationRow.java'. This issue arises from a logic error that creates a potential leak of contact names, leading to unauthorized local information disclosure. The vulnerability does not require additional execution privileges or user interaction for exploitation.

Impact

Exploitation of this vulnerability could result in unauthorized local access to sensitive contact information.

Added: Mar 2, 2026, 7:34 PM

Updated: Mar 2, 2026, 8:55 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Contact Name Leak Vulnerability in Notification Management

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating