Google has released its June 2026 Android security update, addressing a high-severity zero-day vulnerability that the company confirmed has been exploited in real-world attacks. The flaw, tracked as CVE-2025-48595, affects Android 14, Android 15, Android 16 and Android 16 QPR2 devices and has been included in the latest monthly security bulletin.
The newly patched vulnerability resides within the Android Framework and is classified as an elevation-of-privilege flaw. Google said the issue has been subject to “limited, targeted exploitation,” although the company did not provide additional details about the scale of the attacks or the specific targets involved.
As one of the world’s largest technology platforms, Android remains a frequent target for cybercriminals and state-sponsored threat actors. Google relies on its Project Zero security research team and external bug bounty programs to identify and address vulnerabilities across its ecosystem. While the company’s most recent Chrome update resolved 151 security flaws without evidence of active exploitation, the Android bulletin confirmed that CVE-2025-48595 had already been abused by attackers before a fix became available.
According to threat intelligence information associated with the vulnerability, an unauthenticated local user could exploit an integer overflow flaw to execute arbitrary code and elevate privileges on a device. Successful exploitation could potentially result in complete system compromise, allowing attackers to access sensitive information, alter files and interfere with device operations.
Google also warned that the vulnerability does not require user interaction to be exploited. The absence of authentication requirements and the lack of any action needed from the victim increase the potential risk posed by the flaw.
Users are advised to install the latest Android security update as soon as it becomes available for their devices. Google confirmed that devices running the security patch level dated 2026-06-05 are protected against exploitation of CVE-2025-48595. Android users can verify their current security patch level by navigating to the About Phone section and checking the Android version information in device settings.
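For administrators checking more than one device, the same comparison can be scripted. The sketch below is an added example, not code from Google or the bulletin: it parses the output of `adb shell getprop` and compares the `ro.build.version.security_patch` property against the 2026-06-05 level named above. The status labels, the sample device output and the matching of affected releases on the major version number are assumptions made for illustration.

```python
import re
from datetime import date

FIXED_PATCH_LEVEL = date(2026, 6, 5)    # patch level the article names as protected
AFFECTED_RELEASES = {"14", "15", "16"}  # matched on major version (assumption)

# getprop prints one property per line as "[name]: [value]"
_PROP = re.compile(r"^\[([^\]]+)\]:\s*\[([^\]]*)\]\s*$")

def parse_getprop(text):
    """Turn `adb shell getprop` output into a dict of property -> value."""
    props = {}
    for line in text.splitlines():
        m = _PROP.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def assess(text):
    """Return 'patched', 'exposed', 'not-listed' or 'unknown' for one device."""
    props = parse_getprop(text)
    release = props.get("ro.build.version.release", "")
    raw_level = props.get("ro.build.version.security_patch", "")
    try:
        level = date.fromisoformat(raw_level)
    except ValueError:
        return "unknown"  # missing or malformed patch level: needs a manual check
    if release.split(".")[0] not in AFFECTED_RELEASES:
        return "not-listed"  # release is not among those the article lists
    return "patched" if level >= FIXED_PATCH_LEVEL else "exposed"

# Constructed sample outputs, not taken from real devices.
DEVICE_A = "[ro.build.version.release]: [15]\n[ro.build.version.security_patch]: [2026-06-01]\n"
DEVICE_B = "[ro.build.version.release]: [16]\n[ro.build.version.security_patch]: [2026-06-05]\n"
DEVICE_C = "[ro.build.version.release]: [13]\n[ro.build.version.security_patch]: [2026-03-01]\n"
DEVICE_D = "[ro.build.version.release]: [14]\n[ro.build.version.security_patch]: []\n"

if __name__ == "__main__":
    for name, out in [("A", DEVICE_A), ("B", DEVICE_B), ("C", DEVICE_C), ("D", DEVICE_D)]:
        print(name, assess(out))
```

A device reporting 2026-06-01 is flagged as exposed here, because the article states protection only for the 2026-06-05 level.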