{"id":"ASB-A-476417007","details":"In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-476417007","CVE-2026-0086"],"modified":"2026-06-03T15:06:08.149995907Z","published":"2026-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2026-06-01"}],"affected":[{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"17-next:0"},{"fixed":"17-next:2026-06-01"}]}],"versions":["17-next"],"ecosystem_specific":{"spl":"2026-06-01","fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/f0922db8cc4c1cb515c8a2a580993aa061481f65"],"severity":"High","types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-476417007.json"}},{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"16-qpr2:0"},{"fixed":"16-qpr2:2026-06-01"}]}],"versions":["16-qpr2"],"ecosystem_specific":{"spl":"2026-06-01","fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/ff671ddafc28d5e73bdfdbb9cc7826d441ff65c3"],"severity":"High","types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-476417007.json"}}],"schema_version":"1.7.5"}