I was reading that this vulnerability was disclosed today and apparently it's fixed in nov security update (which is already applied by GrapheneOS), however I found it interesting for further discussion.
Related links:
Explanation by the author:
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
Video of the POC:
https://www.youtube.com/watch?v=dSgSnYPgzT0
Communication with google:
https://feed.bugs.xdavidhu.me/bugs/0016
CVE Details:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20465
Given the severity of this vulnerability and how it affected many devices, it's kind of worrisome that google took months to fix this.