www.securityweek.com 6/2/2026, 2:41:10 PM · external

Google patches Android zero day CVE‑2025‑48595 among 124 fixes

Google patches Android zero day CVE‑2025‑48595 among 124 fixes
Developing story vulnerability 6 articles tracked
CISA adds Linux kernel CVE-2022-0492 and Android CVE-2025-48595 to KEV catalogue
CyberSIXT Evidence Panel
Primary Source source.android.com
CISA KEV Not in KEV
Patch Patch Status Unknown

GOOGLE announced a new Android update aimed at patching 124 vulnerabilities, including a critical zero-day exploit (CVE-2025-48595) linked to privilege escalation in Android's Framework. Though exploitation details remain scarce, it indicates targeted attacks are occurring. The update also addresses 18 critical vulnerabilities capable of privilege escalation and DoS attacks, with some affecting Qualcomm components. Only one vulnerability (CVE-2026-0059) allows for remote code execution. The rise of commercial spyware vendors poses a growing risk as they develop sophisticated exploits for government clients.

View Primary Source Via www.securityweek.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline