Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Android Framework code execution and privilege escalation flaw (CVE-2025-48595)

Vulnerability
First reported
Last updated
Happening score
H score 28
1 unique sources, 1 articles

Summary

Hide ▲

Google's June 2026 Android security patches now cover CVE-2025-48595, an actively exploited Android Framework flaw that can lead to code execution and privilege escalation on Android 14 or later devices. Google said the vulnerability may be under limited, targeted exploitation, making timely patching important for exposed devices. The flaw was already tracked in the March 2025 Android Security Bulletin and is now fixed in the 2026-06-01 and 2026-06-05 patch levels.

Related Happenings

Android 17 expands platform security and privacy protections

Security Tool/Service
First: 12.05.2026 20:00 Last: 12.05.2026 20:00 Sources 1

About this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...

Open Happening

Qualcomm Android Graphics buffer over-read actively exploited memory corruption flaw (CVE-2026-21385)

Vulnerability
First: 03.03.2026 09:08 Last: 03.03.2026 09:08 Sources 1

About this happening: A **Qualcomm Graphics** buffer over-read flaw, **CVE-2026-21385**, is being **exploited in the wild** in **Android devices**, creating high-severity risk for affected systems. Qua...

Open Happening

Google Play Protect and Play Integrity API expand Android anti-abuse controls in 2025

Security Tool/Service
First: 19.02.2026 19:00 Last: 19.02.2026 19:00 Sources 1

About this happening: Google expanded **Play Protect** and **Play Integrity API** anti-abuse controls for Android apps in **2025**, strengthening protection across the app ecosystem. The update matters...

Open Happening

Android framework information disclosure and elevated-access flaws under limited targeted exploitation (multiple vulnerabilities)

Vulnerability
First: 02.12.2025 13:15 Last: 02.12.2025 13:15 Sources 1

About this happening: **Google** patched **CVE-2025-48633** and **CVE-2025-48572**, two **Android framework** flaws that may be under **limited, targeted exploitation**, leaving **Android 13-16** devic...

Open Happening

Google Quick Share gains AirDrop interoperability on Pixel 10

Security Tool/Service
First: 21.11.2025 15:00 Last: 21.11.2025 15:00 Sources 1

About this happening: **Google Quick Share** now interoperates with **Apple AirDrop**, creating a new cross-platform file-sharing path that matters for users moving files between **Android** and **iPho...

Open Happening

Timeline

  1. 02.06.2026 14:10 2 articles · 3h ago

    Google releases June 2026 Android security patches for CVE-2025-48595

    Mitigation Patch Update

    Google released the June 2026 Android security patches to address 124 vulnerabilities, including CVE-2025-48595, an actively abused Android Framework flaw that can enable code execution and privilege escalation on devices running Android 14 or later. Google said the issue may be under limited, targeted exploitation and issued the 2026-06-01 and 2026-06-05 security patch levels.

    Show sources
    Open in new tab