Android adbd wireless ADB authentication bypass (CVSS 8.8, adjacent-network, public PoC 2026-05-11) — § 2 gate not cleared
cve · CVE-2026-0073
Coverage timeline
1
first 2026-05-12 → last 2026-05-12
Briefs
1
1 distinct
Sources cited
9
8 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-05-12CTI Daily Brief — 2026-05-12
Source distribution
- welivesecurity.com2 (22%)
- attack.mitre.org1 (11%)
- bleepingcomputer.com1 (11%)
- blog.talosintelligence.com1 (11%)
- cert.ssi.gouv.fr1 (11%)
- penligent.ai1 (11%)
- source.android.com1 (11%)
- thehackernews.com1 (11%)
External references
All cited sources (9)
- source.android.comprimaryinlineAndroid Security Bulletin May 2026https://source.android.com/docs/security/bulletin/2026/2026-05-01
- attack.mitre.orginlineT1566 Phishinghttps://attack.mitre.org/techniques/T1566/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-05https://www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/
- blog.talosintelligence.cominlineCisco Talos, 2026-05-05https://blog.talosintelligence.com/cloudz-pheno-infostealer/
- cert.ssi.gouv.frinlineCERT-FR / cert.ssi.gouv.fr, 2026-05-04/05https://www.cert.ssi.gouv.fr/
- penligent.aiinlinePenligent/Barghest researchhttps://www.penligent.ai/hackinglabs/cve-2026-0073-android-adbd-zero-click-shell-through-wireless-adb/
- thehackernews.cominlineThe Hacker News, 2026-05-05https://thehackernews.com/2026/05/scarcruft-hacks-gaming-platform-to.html
- welivesecurity.cominlineWeLiveSecurity (ESET), 2026-05-07https://www.welivesecurity.com/en/eset-research/fake-call-logs-real-payments-how-callphantom-tricks-android-users/
- welivesecurity.cominlineESET WeLiveSecurity, 2026-05-05https://www.welivesecurity.com/en/eset-research/rigged-game-scarcruft-compromises-gaming-platform-supply-chain-attack/
Items in briefs about Android adbd wireless ADB authentication bypass (CVSS 8.8, adjacent-network, public PoC 2026-05-11) — § 2 gate not cleared
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.