CVE-2026-20451 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.7 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 1%

Affected Products (NVD)

Vendor	Product	Version
mediatek	mt8115_firmware	-
mediatek	mt8186_firmware	-
mediatek	mt8188_firmware	-
mediatek	mt8196_firmware	-
mediatek	mt8365_firmware	-
mediatek	mt8367_firmware	-
mediatek	mt8370_firmware	-
mediatek	mt8371_firmware	-
mediatek	mt8390_firmware	-
mediatek	mt8391_firmware	-
mediatek	mt8395_firmware	-
mediatek	mt8676_firmware	-
mediatek	mt8678_firmware	-
mediatek	mt8766_firmware	-
mediatek	mt8768_firmware	-
mediatek	mt8775_firmware	-
mediatek	mt8781_firmware	-
mediatek	mt8786_firmware	-
mediatek	mt8788e_firmware	-
mediatek	mt8791t_firmware	-
mediatek	mt8792_firmware	-
mediatek	mt8793_firmware	-
mediatek	mt8796_firmware	-
mediatek	mt8873_firmware	-
mediatek	mt8883_firmware	-
mediatek	mt8893_firmware	-
mediatek	mt8910_firmware	-
mediatek	mt2718_firmware	-
mediatek	mt6899_firmware	-
mediatek	mt6985_firmware	-
mediatek	mt6989_firmware	-
mediatek	mt6991_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

References

https://corp.mediatek.com/product-security-bulletin/May-2026