Google has released an Android update that patches 124 vulnerabilities, including CVE-2025-48595, a zero-day privilege escalation flaw in the Android Framework that may have been used in limited, targeted attacks. The update also fixes multiple critical and high-severity issues across Android System, Kernel, and components from Qualcomm, MediaTek, Unisoc, and Imagination Technologies. #CVE-2025-48595 #CVE-2026-0059 #Android
Keypoints
- Google patched 124 vulnerabilities in its latest Android update.
- CVE-2025-48595 is a zero-day privilege escalation flaw in Android Framework.
- Google said the flaw may be under limited, targeted exploitation.
- 18 vulnerabilities were rated critical and affect framework, system, and Qualcomm components.
- One issue, CVE-2026-0059, can be exploited for remote code execution.
Read More: https://www.securityweek.com/android-update-patches-exploited-zero-day-123-other-vulnerabilities/