A high‑severity Android zero‑day has been exposed in a Qualcomm graphics/display component and is already being exploited in limited, targeted attacks, tracked as CVE-2026-21385. According to Google, the vulnerability is present in a Qualcomm graphics/display component used by a large number of Android chipsets, with well over 230 different models affected.
Based on recent Android and chipset market‑share data, it is reasonable to assume the issue affects hundreds of millions of devices worldwide, even if the exact number cannot be pinned down. Google’s March 2026 Android Security Bulletin notes that exploitation has signs of ongoing use, while patches are available for devices with a patch level of 2026-03-05 or later.
Users are urged to keep Android, Google Play services, and device software up to date to receive the latest security fixes, and to follow standard precautions such as installing apps only from official stores and scrutinising app permissions. Malwarebytes recommends considering real‑time protection for Android to help guard against exploitation attempts.