A vulnerability identified as critical has been detected in Google Android 14/15/16/16-qpr2 . This affects an unknown function of the file AppOpsService.java . The manipulation leads to permission issues. This vulnerability is traded as CVE-2026-28586 . An attack has to be approached locally. There is no exploit available.