wid-sec-w-2026-0589 · Published 2026-03-03 · View on BSI CERT-Bund ↗

Pixel Patchday März 2026: Multiple Vulnerabilities

CVSS 10.0 CRITICAL

Risk Summary

The register protection of the PowerVR GPU is incorrectly configured. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVEs (20)

CVE-2024-56184 CVE-2025-36920 CVE-2025-48611 CVE-2026-0107 CVE-2026-0108 CVE-2026-0109 CVE-2026-0110 CVE-2026-0111 CVE-2026-0112 CVE-2026-0113 CVE-2026-0114 CVE-2026-0115 CVE-2026-0116 CVE-2026-0117 CVE-2026-0118 CVE-2026-0119 CVE-2026-0120 CVE-2026-0121 CVE-2026-0122 CVE-2026-0123

Affected Vendors

Google

Affected Products (2)

Google · Android Pixel <2026-03-05

Google · Android Pixel 2026-03-05

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more