A vulnerability was found in Google Android 14/15/16/16-qpr2 . It has been rated as critical . The affected element is the function validateNode of the file ResourceTypes.cpp . Performing a manipulation results in out-of-bounds read. This vulnerability is reported as CVE-2026-0076 . The attack requires a local approach. No exploit exists.