Bypassing User Isolation on Android with a Screen Reader

A missing check in Android's NotificationManagerService allowed screen readers to leak private notifications from one user to another. This was fixed with a single added condition to check if the notification belongs to the current user. This bug affected users with screen readers and accessibility services. Users should update to the latest Android version to prevent this issue. Android developers should review their accessibility services for similar vulnerabilities.