Android Framework code execution and privilege escalation flaw (CVE-2025-48595)
Vulnerability
Summary
Hide ▲
Show ▼
Google's June 2026 Android security patches now cover CVE-2025-48595, an actively exploited Android Framework flaw that can lead to code execution and privilege escalation on Android 14 or later devices. Google said the vulnerability may be under limited, targeted exploitation, making timely patching important for exposed devices. The flaw was already tracked in the March 2025 Android Security Bulletin and is now fixed in the 2026-06-01 and 2026-06-05 patch levels.
Related Happenings
Google Dialogflow CX Code Blocks shared-runtime isolation security flaw
Vulnerability
H score32
First: 07.07.2026 19:37
Last: 07.07.2026 19:37
Sources 1
About this happening:
Google Dialogflow CX Code Blocks had a shared-runtime isolation flaw that could let one editable agent affect other Code Block-enabled agents in the same Google Cloud pr...
Google Dialogflow CX Code Blocks shared-runtime isolation security flaw
VulnerabilityAbout this happening: Google Dialogflow CX Code Blocks had a shared-runtime isolation flaw that could let one editable agent affect other Code Block-enabled agents in the same Google Cloud pr...
Google Play Protect adds warnings and app disabling for compromised SDK abuse
Security Tool/Service
H score11
First: 03.07.2026 12:35
Last: 03.07.2026 12:35
Sources 1
About this happening:
Google Play Protect was updated in July 2026 to warn Android users automatically and disable apps tied to compromised SDKs, limiting abuse of consumer devices...
Google Play Protect adds warnings and app disabling for compromised SDK abuse
Security Tool/ServiceAbout this happening: Google Play Protect was updated in July 2026 to warn Android users automatically and disable apps tied to compromised SDKs, limiting abuse of consumer devices...
Google Android Developer Verifier enforcement rollout for verified app installs
Security Tool/Service
H score14
First: 22.06.2026 15:45
Last: 22.06.2026 15:45
Sources 1
About this happening:
Google is enforcing Android developer verification on September 30, 2026, blocking normal installs of unverified apps on certified Android phones in Brazil, Indonesia, S...
Google Android Developer Verifier enforcement rollout for verified app installs
Security Tool/ServiceAbout this happening: Google is enforcing Android developer verification on September 30, 2026, blocking normal installs of unverified apps on certified Android phones in Brazil, Indonesia, S...
Apple A12/A13 SecureROM USB DMA underflow with public usbliter8 exploit security flaw
Vulnerability
H score0
First: 19.06.2026 21:37
Last: 19.06.2026 21:37
Sources 1
About this happening:
A public usbliter8 exploit now reaches arbitrary code execution in Apple's SecureROM, exposing an unpatchable USB DMA underflow flaw across A12, A13, S4, and S5*...
Apple A12/A13 SecureROM USB DMA underflow with public usbliter8 exploit security flaw
VulnerabilityAbout this happening: A public usbliter8 exploit now reaches arbitrary code execution in Apple's SecureROM, exposing an unpatchable USB DMA underflow flaw across A12, A13, S4, and S5*...
Google Gemini on Android notification-injection bypass using Fake Context Alignment
Technical Analysis
H score16
First: 03.06.2026 22:11
Last: 03.06.2026 22:11
Sources 1
About this happening:
Researchers found a notification-based prompt-injection bypass in Google Gemini on Android that could turn hostile notification text into unauthorized assistant actions*...
Google Gemini on Android notification-injection bypass using Fake Context Alignment
Technical AnalysisAbout this happening: Researchers found a notification-based prompt-injection bypass in Google Gemini on Android that could turn hostile notification text into unauthorized assistant actions*...
Timeline
-
02.06.2026 14:10 4 articles · 1mo ago
Google releases June 2026 Android security patches for CVE-2025-48595
Mitigation Patch UpdateGoogle released the June 2026 Android security patches to address 124 vulnerabilities, including CVE-2025-48595, an actively abused Android Framework flaw that can enable code execution and privilege escalation on devices running Android 14 or later. Google said the issue may be under limited, targeted exploitation and issued the 2026-06-01 and 2026-06-05 security patch levels.
Show sources
- Google fixes one actively exploited Android zero-day, 124 flaws — www.bleepingcomputer.com — 02.06.2026 14:10
- Google fixes one actively exploited Android zero-day, 124 flaws — www.bleepingcomputer.com — 02.06.2026 14:10
- Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited — thehackernews.com — 02.06.2026 21:46
- CISA warns of active attacks exploiting Android, Linux bugs — www.bleepingcomputer.com — 03.06.2026 18:36