Posts tagged "Pendingintent"

2 posts

April 18, 2026

FLAG_MUTABLE PendingIntent in DeviceAsWebcam Allows Foreground Activity Hijack via fillIn() Injection

A mutable notification PendingIntent in DeviceAsWebcam enables fillIn() intent injection and forced foreground launch of a system-UID activity from a NotificationListenerService app.

April 6, 2026

Intercepting Android's ManagedProvisioning: A PendingIntent Vulnerability in AOSP

I found a vulnerability in Android's ManagedProvisioning that lets any unprivileged app intercept privileged provisioning callbacks. Google classified it as low severity.