Unrated severityNVD Advisory· Published Dec 8, 2015· Updated May 6, 2026

CVE-2015-6626

Description

libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24310423.

Affected products

Google/Android2 versions
cpe:2.3:o:google:android:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:google:android:*:*:*:*:*:*:*:*range: >=5.0,<5.1.1
- cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

source.android.com/security/bulletin/2015-12-01.htmlnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000