Google has released the June 2026 Android security patches to address a total of 124 vulnerabilities, including one actively exploited zero-day flaw. The high-severity vulnerability, tracked as CVE-2025-48595, allows local attackers to gain code execution and escalate privileges on devices running Android 14 or later.
According to Google’s March 2025 Android Security Bulletin, there are indications that CVE-2025-48595 is being targeted in limited attacks. The company has yet to share technical details about the flaw or provide information about the ongoing attacks targeting it.
Similar vulnerabilities have been exploited in the past by commercial spyware and nation-state operations targeting high-profile individuals. Google encourages all users to update to the latest version of Android where possible, as exploitation for many issues on Android is made more difficult by enhancements in newer versions of the platform.
The June 2026 security updates also address 18 critical vulnerabilities across System, Framework, and Qualcomm closed-source components that attackers can abuse to trigger denial-of-service conditions and elevate privileges on unpatched Android devices. One of these vulnerabilities could lead to remote escalation of privilege with no additional execution privileges needed.
Google has released two sets of patches: the 2026-06-01 and 2026-06-05 security patch levels, with the latter bundling all fixes from the first batch, along with patches for closed-source third-party and kernel subcomponents that may not apply to all Android devices. While Google Pixel devices will receive these updates immediately, other vendors may take longer to test and tweak them for specific hardware configurations.
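The two patch levels described above translate into a simple fleet check. The script below is an added example, not code from Google or from the original article: it classifies each device as carrying the full 2026-06-05 level, only the 2026-06-01 level, or neither. It assumes an inventory of serial, Android release and patch level (the sample rows are constructed), and because the article does not say which level carries the CVE-2025-48595 fix, it prioritizes any Android 14+ device below 2026-06-05.

```shell
#!/bin/sh
# Added example: classify devices against the two June 2026 patch levels.
# Live values for one device can be read with:
#   adb shell getprop ro.build.version.security_patch
#   adb shell getprop ro.build.version.release

BASE_LEVEL=20260601   # 2026-06-01 patch level
FULL_LEVEL=20260605   # 2026-06-05 patch level (bundles the 06-01 fixes)

# classify_patch_level LEVEL RELEASE -> prints "<state> <scope>"
classify_patch_level() {
    level=$1
    major=${2%%.*}                      # "8.1.0" -> "8"
    case $level in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9])
            n=$(printf '%s' "$level" | tr -d '-')
            if [ "$n" -ge "$FULL_LEVEL" ]; then state=full
            elif [ "$n" -ge "$BASE_LEVEL" ]; then state=partial   # no vendor/kernel fixes
            else state=missing; fi ;;
        *) state=unknown ;;             # malformed or absent patch level
    esac
    case $major in
        ''|*[!0-9]*) scope=version-unknown ;;
        *)  # Assumption: Android 14+ below the full level is treated as priority,
            # since the article gives no patch level for the zero-day fix.
            if [ "$major" -ge 14 ] && [ "$state" != full ]; then scope=priority
            else scope=routine; fi ;;
    esac
    echo "$state $scope"
}

# Reads "serial release level" rows on stdin, prints "serial state scope".
audit_inventory() {
    while read -r serial release level; do
        [ -n "$serial" ] || continue
        printf '%s %s\n' "$serial" "$(classify_patch_level "$level" "$release")"
    done
}

# Constructed sample inventory: serial, Android release, security patch level.
SAMPLE='DEV-A 16 2026-06-05
DEV-B 15 2026-06-01
DEV-C 14 2026-05-01
DEV-D 13 2026-03-05
DEV-E 15 unknown'

printf '%s\n' "$SAMPLE" | audit_inventory
```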
The latest security updates follow Google’s overhaul of its Android and Chrome vulnerability rewards programs in March 2026, which offers bounties of up to $1.5 million for some Android exploits while scaling back payouts for flaws that are easier to find using artificial intelligence.