Google fixes actively exploited Android vulnerability (CVE-2025-48595)
Google has announced the June 2026 Android security updates, which fix a bucketload of vulnerabilities, including a high-severity vulnerability (CVE-2025-48595) in the Android Framework that “may be under limited, targeted exploitation.”
About CVE-2025-48595
CVE-2025-48595 is an integer overflow vulnerability in the Android Framework, a set of APIs and system services that apps interact with directly.
The flaw allows attackers to escalate privileges on a vulnerable device, and they may gain complete access to the device and data on it.
Successful exploitation does not hinge on user interaction, and the attack vector is local, which most likely means that the vulnerability is being exploited via a malicious app that targeted users have been tricked into installing.
CVE-2025-48595 is present across Android versions 14, 15, 16, and 16-qpr2 (Quarterly Platform Release 2).
The vulnerability’s NVD description seems to suggest that there are several vulnerable code paths, and hopefully Google’s patch has closed all of them off.
More vulnerabilities addressed
The June 2026 security updates will also patch other critical and high-severity vulnerabilities in the Android Framework, System (core Android daemons and services), Google Play system components, the Linux kernel, and third-party chipset components.
Core Android OS fixes are addressed at patch level 2026-06-01, while devices running patch level 2026-06-05 or later will receive the full set of fixes, including those for kernel and chipset components.
“We notify our Android partners of all issues at least a month before publishing the bulletin,” Google noted, and said that Android device and chipset manufacturers may also publish security vulnerability details specific to their products.
“Within 48 hours after the initial publication of this bulletin, we will release the corresponding source code patches to the Android Open Source Project (AOSP) repository,” the company added.
Subscribe to our breaking news e-mail alert to never miss out on the latest breaches, vulnerabilities and cybersecurity threats. Subscribe here!