CVE Catalog

CVE-2026-0134

LowCVSS 3.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.07%

0th percentile — higher than 0% of all known CVEs

Summary

In the PostWipeData function of recovery_ui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed.

Risk Assessment

The organization may be exposed to the disclosure of sensitive user data, potentially leading to privacy breaches and information security issues.

Recommendation

It is recommended to review and fix the logic in the PostWipeData function to ensure that data does not persist after a factory reset.

Original NVD description (English source)

In PostWipeData of recovery_ui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS