Contacts Provider

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-28576	Google Contacts Provider		0.00	—	—		Jun 17, 2026	In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-0057	Google Contacts Provider		0.00	—	—		Jun 17, 2026	In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…

CVE-2026-28576Jun 17, 2026
Google
Contacts Provider
risk 0.00cvss —epss —
In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-0057Jun 17, 2026
Google
Contacts Provider
risk 0.00cvss —epss —
In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…