A vulnerability, which was classified as critical , has been found in Google Android XR 14 . This vulnerability affects the function addInputMethodListener of the component com.android.server.inputmethod.InputMethodManagerService . This manipulation causes improper authorization. This vulnerability is handled as CVE-2026-0072 . It is possible to launch the attack on the local host. There is not any exploit available.