A vulnerability was found in Google Android 14/15/16/16-qpr2 . It has been classified as critical . Affected is the function approvalLevelForDomainInternal of the file DomainVerificationService.java . The manipulation leads to Local Privilege Escalation. This vulnerability is listed as CVE-2026-0087 . The attack must be carried out locally. There is no available exploit.