CVE-2025-26450: 
NixOS vulnerability analysis and mitigation

CVE-2025-26450 is a highly-rated local privilege escalation vulnerability discovered in the Android Framework, disclosed in June 2025. The vulnerability affects Android versions prior to the June 2025 security patch level. The issue exists within the onInputEvent functionality of IInputMethodSessionWrapper.java, where an untrusted application can potentially inject key events (Android Security Bulletin).

The vulnerability resides in the Android Framework's input method service component, specifically in the onInputEvent of IInputMethodSessionWrapper.java. The issue allows a malicious application to inject fabricated InputEvents into IME's file descriptor, which can interfere with special shortcuts like IME switching. The vulnerability has been assigned a high severity rating due to its potential impact on system security (Android Commit).

The vulnerability enables a malicious application to perform privilege escalation through input event injection. This could potentially allow an attacker to manipulate special shortcuts and system functions related to the Input Method Editor (IME), leading to unauthorized access to system features (ASEC Report).

Google has addressed this vulnerability in the June 2025 Android Security Update. Users are strongly advised to update their Android devices to the latest security patch level. The fix includes implementation of verification mechanisms for KeyEvents with modifiers and those indicated as sensitive by IME, along with timestamp verification for replayed events (CERT-FR).