A vulnerability was found in Google Android 14/15/16/16-qpr2 . It has been classified as critical . The impacted element is the function getCallingAppLabel of the file CertInstaller.java . Performing a manipulation results in information disclosure. This vulnerability is cataloged as CVE-2026-0088 . The attack must be initiated from a local position. There is no exploit available.