Find notable cyber news and cases, enriched with sources, timelines, and signals.

Android Framework code execution and privilege escalation flaw (CVE-2025-48595)

Vulnerability
First reported
Last updated
Happening score
H score 40
2 unique sources, 3 articles

Summary

Hide ▲

Google's June 2026 Android security patches now cover CVE-2025-48595, an actively exploited Android Framework flaw that can lead to code execution and privilege escalation on Android 14 or later devices. Google said the vulnerability may be under limited, targeted exploitation, making timely patching important for exposed devices. The flaw was already tracked in the March 2025 Android Security Bulletin and is now fixed in the 2026-06-01 and 2026-06-05 patch levels.

Related Happenings

Google Dialogflow CX Code Blocks shared-runtime isolation security flaw

Vulnerability
H score32 First: 07.07.2026 19:37 Last: 07.07.2026 19:37 Sources 1

About this happening: Google Dialogflow CX Code Blocks had a shared-runtime isolation flaw that could let one editable agent affect other Code Block-enabled agents in the same Google Cloud pr...

Google Play Protect adds warnings and app disabling for compromised SDK abuse

Security Tool/Service
H score11 First: 03.07.2026 12:35 Last: 03.07.2026 12:35 Sources 1

About this happening: Google Play Protect was updated in July 2026 to warn Android users automatically and disable apps tied to compromised SDKs, limiting abuse of consumer devices...

Google Android Developer Verifier enforcement rollout for verified app installs

Security Tool/Service
H score14 First: 22.06.2026 15:45 Last: 22.06.2026 15:45 Sources 1

About this happening: Google is enforcing Android developer verification on September 30, 2026, blocking normal installs of unverified apps on certified Android phones in Brazil, Indonesia, S...

Apple A12/A13 SecureROM USB DMA underflow with public usbliter8 exploit security flaw

Vulnerability
H score0 First: 19.06.2026 21:37 Last: 19.06.2026 21:37 Sources 1

About this happening: A public usbliter8 exploit now reaches arbitrary code execution in Apple's SecureROM, exposing an unpatchable USB DMA underflow flaw across A12, A13, S4, and S5*...

Google Gemini on Android notification-injection bypass using Fake Context Alignment

Technical Analysis
H score16 First: 03.06.2026 22:11 Last: 03.06.2026 22:11 Sources 1

About this happening: Researchers found a notification-based prompt-injection bypass in Google Gemini on Android that could turn hostile notification text into unauthorized assistant actions*...

Timeline

  1. 02.06.2026 14:10 4 articles · 1mo ago

    Google releases June 2026 Android security patches for CVE-2025-48595

    Mitigation Patch Update

    Google released the June 2026 Android security patches to address 124 vulnerabilities, including CVE-2025-48595, an actively abused Android Framework flaw that can enable code execution and privilege escalation on devices running Android 14 or later. Google said the issue may be under limited, targeted exploitation and issued the 2026-06-01 and 2026-06-05 security patch levels.

    Show sources