This article explores how Android’s multi-user isolation could be bypassed through the accessibility subsystem, exposing notifications belonging to background users to whichever user was currently in the foreground. Android’s multi-user architecture is designed to keep each profile’s data separate, but accessibility services such as TalkBack run with elevated privileges and receive system-level events that can carry sensitive content. The root cause was that NotificationManagerService did not verify notification ownership against the active user before dispatching accessibility events, which meant private messages — including two-factor authentication codes — could be intercepted by a foreground user’s screen reader or automation tools like Tasker. The post walks through how the issue manifests in practice, why accessibility APIs are a particularly attractive surface for this kind of cross-user leak, and how a small conditional check confirming that a notification belongs to the foreground user is enough to prevent the leakage. It is a useful read for Android developers, security engineers, and anyone building apps that handle sensitive notifications on shared or multi-profile devices.