{"api_version":"1","generated_at":"2026-05-13T05:23:11+00:00","cve":"CVE-2026-20451","urls":{"html":"https://cve.report/CVE-2026-20451","api":"https://cve.report/api/cve/CVE-2026-20451.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20451","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20451"},"summary":{"title":"CVE-2026-20451","description":"In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.","state":"PUBLISHED","assigner":"MediaTek","published_at":"2026-05-04 07:15:59","updated_at":"2026-05-07 12:42:44"},"problem_types":["CWE-843","CWE-843 CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"6.7","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.7,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"6.7","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/May-2026","name":"https://corp.mediatek.com/product-security-bulletin/May-2026","refsource":"security@mediatek.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20451","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20451","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT2718","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6899","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6985","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6989","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6991","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8115","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8186","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8188","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8196","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8365","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8367","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8370","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8371","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8390","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8391","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8395","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8676","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8678","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8766","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8768","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8775","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8781","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8786","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8788E","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8791T","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8792","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8793","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8796","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8873","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8883","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8893","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8910","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt2718","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt2718_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6899","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6899_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6985","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6985_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6989","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6989_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6991","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6991_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8115","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8115_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8186","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8186_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8188","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8188_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8196","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8196_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8365","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8365_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8367","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8367_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8370","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8370_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8371","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8371_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8390","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8390_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8391","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8391_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8395","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8395_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8676","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8676_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8678","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8678_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8766","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8766_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8768","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8768_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8775","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8775_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8781","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8781_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8786","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8786_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8788e","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8788e_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8791t","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8791t_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8792","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8792_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8793","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8793_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8796","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8796_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8873","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8873_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8883","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8883_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8893","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8893_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8910","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8910_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"20451","cve":"CVE-2026-20451","epss":"0.000160000","percentile":"0.039820000","score_date":"2026-05-12","updated_at":"2026-05-13 00:11:54"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.7,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2026-20451","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-05-04T00:00:00+00:00","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-05-05T03:56:05.990Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"MediaTek chipset","vendor":"MediaTek, Inc.","versions":[{"status":"affected","version":"MT2718"},{"status":"affected","version":"MT6899"},{"status":"affected","version":"MT6985"},{"status":"affected","version":"MT6989"},{"status":"affected","version":"MT6991"},{"status":"affected","version":"MT8115"},{"status":"affected","version":"MT8186"},{"status":"affected","version":"MT8188"},{"status":"affected","version":"MT8196"},{"status":"affected","version":"MT8365"},{"status":"affected","version":"MT8367"},{"status":"affected","version":"MT8370"},{"status":"affected","version":"MT8371"},{"status":"affected","version":"MT8390"},{"status":"affected","version":"MT8391"},{"status":"affected","version":"MT8395"},{"status":"affected","version":"MT8676"},{"status":"affected","version":"MT8678"},{"status":"affected","version":"MT8766"},{"status":"affected","version":"MT8768"},{"status":"affected","version":"MT8775"},{"status":"affected","version":"MT8781"},{"status":"affected","version":"MT8786"},{"status":"affected","version":"MT8788E"},{"status":"affected","version":"MT8791T"},{"status":"affected","version":"MT8792"},{"status":"affected","version":"MT8793"},{"status":"affected","version":"MT8796"},{"status":"affected","version":"MT8873"},{"status":"affected","version":"MT8883"},{"status":"affected","version":"MT8893"},{"status":"affected","version":"MT8910"}]}],"descriptions":[{"lang":"en","value":"In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-843","description":"CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-05-04T05:42:29.660Z","orgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","shortName":"MediaTek"},"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/May-2026"}],"x_generator":{"engine":"cvelib 1.8.0"}}},"cveMetadata":{"assignerOrgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","assignerShortName":"MediaTek","cveId":"CVE-2026-20451","datePublished":"2026-05-04T05:42:29.660Z","dateReserved":"2025-11-03T01:30:59.013Z","dateUpdated":"2026-05-05T03:56:05.990Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-04 07:15:59","lastModifiedDate":"2026-05-07 12:42:44","problem_types":["CWE-843","CWE-843 CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8115_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6C2BA9A9-C865-4AC8-9BF0-0F678B0E5014"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8115:-:*:*:*:*:*:*:*","matchCriteriaId":"C2428897-5F6E-4B63-ADDC-0C15BDF2C565"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8186_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3CEE2EEE-3512-429F-9DAD-E17D64CE447D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8186:-:*:*:*:*:*:*:*","matchCriteriaId":"E4932D34-06F4-49D7-81FB-772A82E8A5B5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8188_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"30E10DDB-6D3D-42CB-9DB9-ED25E6163D3D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*","matchCriteriaId":"BA3D4A45-38EE-4125-AE67-89D1C707F95A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8196_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EE7B4BD3-A945-4C45-8E76-CEE2ADE2001E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*","matchCriteriaId":"FB0C4D80-28BC-4C4D-B522-AD9EC5222A2E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8365_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"76A9E1A0-FDEB-4FA5-BEF8-FAB8BF72E7A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*","matchCriteriaId":"97C76F98-5D8D-4E52-ABAF-CD27C1205B0E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8367_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"32C24935-B6E6-4923-B81C-D29BBEED2B3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8367:-:*:*:*:*:*:*:*","matchCriteriaId":"A28FA947-314F-465B-8ADD-F7973F02D82A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7619B640-32C6-435B-AABB-E3D11C3B03FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:*","matchCriteriaId":"DA2B6BB9-7544-41A7-BF3A-344AA4CC4B31"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8371_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"10C6D722-06CE-4C33-B67B-D5E92BD2B66C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8371:-:*:*:*:*:*:*:*","matchCriteriaId":"7A5AEBAB-CE39-4272-83ED-18E6528787E5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8390_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9627AD8C-49C7-43C4-850E-6BC37FA2F619"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*","matchCriteriaId":"B774B7D7-B7DD-43A0-833F-7E39DF82CA60"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8391_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"16860004-FEBE-4904-952E-222A9AFD0A2F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8391:-:*:*:*:*:*:*:*","matchCriteriaId":"43B2824E-8D18-4DD7-91E7-41578B2FCD6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8395_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6EFD0432-40B9-4121-9F13-D15645C60191"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*","matchCriteriaId":"D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8676_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"645D7C99-A0A0-4FB0-97AC-3DA5161A44D9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*","matchCriteriaId":"EE302F6F-170E-4350-A8F4-65BE0C50CB78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8678_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CFEC7A7B-6948-4B8A-BFA1-9F9D07043605"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*","matchCriteriaId":"152A5F3D-8004-4649-BDB1-E6F0798AF1CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8766_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"215862D7-BF3D-4955-BCFF-48778190EEB5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*","matchCriteriaId":"CE45F606-2E75-48BC-9D1B-99D504974CBF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8768_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"303069C6-F031-4176-9465-46F4134BB423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*","matchCriteriaId":"1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8775_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FAA319BC-2689-497C-8D7D-482CD2AD89A1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*","matchCriteriaId":"DE5FB550-7264-4879-BAF9-6798949113AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8781_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7E2280E5-F903-4541-8404-9F789CEFF172"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*","matchCriteriaId":"533284E5-C3AF-48D3-A287-993099DB2E41"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8786_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"88A514F4-3EAF-45FB-8736-4A015E4DEB4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*","matchCriteriaId":"9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8788e_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"65B4F295-BF35-4A71-8567-CB1B367D80E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8788e:-:*:*:*:*:*:*:*","matchCriteriaId":"CEDF887A-1862-4336-ABFC-371838E1D029"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8791t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6D15A887-AC6B-4458-8355-8505742F4FC2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*","matchCriteriaId":"1BB05B1D-77C9-4E42-91AD-9F087413DC20"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8792_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AE904A76-14A2-41D5-86FF-BCA686342E85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*","matchCriteriaId":"336FC69E-E89F-4642-B6B9-8009D9A2BD52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8793_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"42C2F52D-C49C-4AFF-B6FA-FFA82EF96142"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*","matchCriteriaId":"2FBD3487-F8CE-406C-8BD7-DD57FF8CD60B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8796_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6DC17C8D-377F-4343-BE7E-359224912061"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*","matchCriteriaId":"DE933AD9-3A6F-421B-8AB3-C45F8DEA9548"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8873_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9D40337A-B78E-41CF-ADDC-A31190950F73"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*","matchCriteriaId":"D6DD525F-7050-42BD-829D-1121698B8009"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8883_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C5049DE8-5F0C-4E0D-85AE-F47CECE2DCE8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*","matchCriteriaId":"23DD8281-FEB4-4E23-8DDA-680FF895F12E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8893_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8E905861-38DA-4023-9751-2CD2EDE489EF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*","matchCriteriaId":"CCFAADB1-C2B2-47A6-BB66-761B964E7DFB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8910_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A05E635E-9559-4899-A7BA-A74EB6501D1C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8910:-:*:*:*:*:*:*:*","matchCriteriaId":"8C81BC81-1358-4005-8D35-92428D052A65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt2718_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DDCA451B-219B-4490-98F3-60A569B5C513"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt2718:-:*:*:*:*:*:*:*","matchCriteriaId":"F5506327-7DDF-4E88-9EA8-10B8E32F848B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6899_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BEBA484A-EC07-4D3D-80CD-BDE9E7807F71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*","matchCriteriaId":"C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6985_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA30A145-D98E-4DA7-84C7-377402951190"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*","matchCriteriaId":"EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6989_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E495B8EB-C9B5-4F32-AEE2-D2C41C0B292B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*","matchCriteriaId":"AD7DE6B2-66D9-4A3E-B15F-D56505559255"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6991_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D9DD2119-39E8-4A9C-8E2A-8FB7F92A1001"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*","matchCriteriaId":"CBBB30DF-E963-4940-B742-F6801F68C3FC"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20451","Ordinal":"1","Title":"CVE-2026-20451","CVE":"CVE-2026-20451","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20451","Ordinal":"1","NoteData":"In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.","Type":"Description","Title":"CVE-2026-20451"}]}}}