Google released an Android update to patch a critical remote code execution vulnerability in the System component tracked as CVE-2026-0073. The flaw affects adbd, requires no user interaction to exploit, and there are currently no reports of in-the-wild exploitation; patches for Wear OS, Pixel Watch, Android XR, and Android Automotive were not released this month. #CVE-2026-0073 #adbd
Keypoints
- A critical remote code execution flaw in Androidβs System component is tracked as CVE-2026-0073.
- The vulnerability affects adbd (Android Debug Bridge daemon) and allows code execution as the shell user.
- No user interaction is required for exploitation, increasing the severity.
- No patches were released this month for Wear OS, Pixel Watch, Android XR, or Android Automotive.
- There are no indications that CVE-2026-0073 has been exploited in the wild.
Read More: https://www.securityweek.com/critical-remote-code-execution-vulnerability-patched-in-android-2/