Medium severity6.7NVD Advisory· Published May 4, 2026· Updated May 7, 2026

CVE-2026-20451

Description

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.

Affected products

Mediatek/Mt8115 Firmware
cpe:2.3:o:mediatek:mt8115_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8186 Firmware
cpe:2.3:o:mediatek:mt8186_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8188 Firmware
cpe:2.3:o:mediatek:mt8188_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8196 Firmware
cpe:2.3:o:mediatek:mt8196_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8365 Firmware
cpe:2.3:o:mediatek:mt8365_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8367 Firmware
cpe:2.3:o:mediatek:mt8367_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8370 Firmware
cpe:2.3:o:mediatek:mt8370_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8883 Firmware
cpe:2.3:o:mediatek:mt8883_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8893 Firmware
cpe:2.3:o:mediatek:mt8893_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8910 Firmware
cpe:2.3:o:mediatek:mt8910_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt2718 Firmware
cpe:2.3:o:mediatek:mt2718_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt6899 Firmware
cpe:2.3:o:mediatek:mt6899_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt6985 Firmware
cpe:2.3:o:mediatek:mt6985_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt6989 Firmware
cpe:2.3:o:mediatek:mt6989_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt6991 Firmware
cpe:2.3:o:mediatek:mt6991_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8371 Firmware
cpe:2.3:o:mediatek:mt8371_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8390 Firmware
cpe:2.3:o:mediatek:mt8390_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8391 Firmware
cpe:2.3:o:mediatek:mt8391_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8395 Firmware
cpe:2.3:o:mediatek:mt8395_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8676 Firmware
cpe:2.3:o:mediatek:mt8676_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8678 Firmware
cpe:2.3:o:mediatek:mt8678_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8766 Firmware
cpe:2.3:o:mediatek:mt8766_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8768 Firmware
cpe:2.3:o:mediatek:mt8768_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8775 Firmware
cpe:2.3:o:mediatek:mt8775_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8781 Firmware
cpe:2.3:o:mediatek:mt8781_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8786 Firmware
cpe:2.3:o:mediatek:mt8786_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8788e Firmware
cpe:2.3:o:mediatek:mt8788e_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8791t Firmware
cpe:2.3:o:mediatek:mt8791t_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8792 Firmware
cpe:2.3:o:mediatek:mt8792_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8793 Firmware
cpe:2.3:o:mediatek:mt8793_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8796 Firmware
cpe:2.3:o:mediatek:mt8796_firmware:-:*:*:*:*:*:*:*
Mediatek/Mt8873 Firmware
cpe:2.3:o:mediatek:mt8873_firmware:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

corp.mediatek.com/product-security-bulletin/May-2026nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.436
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000