GOOGLE announced a new Android update aimed at patching 124 vulnerabilities, including a critical zero-day exploit (CVE-2025-48595) linked to privilege escalation in Android's Framework. Though exploitation details remain scarce, it indicates targeted attacks are occurring. The update also addresses 18 critical vulnerabilities capable of privilege escalation and DoS attacks, with some affecting Qualcomm components. Only one vulnerability (CVE-2026-0059) allows for remote code execution. The rise of commercial spyware vendors poses a growing risk as they develop sophisticated exploits for government clients.
Google patches Android zero day CVE‑2025‑48595 among 124 fixes
CyberSIXT Evidence Panel
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Drupal SQL Injection Exploit: Critical Flaw Exploited in the Wild with Public PoC
cybersixt.com
-
CISA adds Linux kernel CVE-2022-0492 and Android flaw to KEV list
cybersixt.com
-
CISA Adds CVE-2025-48595 to Known Exploited Vulnerabilities Catalogue
cybersixt.com
-
CISA Flags Linux Kernel Flaw CVE-2022-0492 in KEV Catalogue
cybersixt.com
-
Google patches Android zero day CVE‑2025‑48595 among 124 fixes
www.securityweek.com
-
Google patches Android zero‑day bug in Qualcomm, MediaTek chips
cybersixt.com