Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Google released its June 2026 Android security bulletin on Monday, patching 124 vulnerabilities across the operating system. Among them is CVE-2025-48595, a high-severity privilege escalation flaw in the Framework component with a CVSS score of 8.4. This vulnerability is under active exploitation and requires no user interaction, making it particularly dangerous. The update also addresses other critical and high-severity issues in components such as the kernel, MediaProvider, and System. Users are urged to install the patch immediately, as the exploited flaw could allow attackers to gain elevated privileges on affected devices. The update is available for supported Pixel devices and other Android handsets via the Android Open Source Project (AOSP).
Actively exploited privilege escalation flaw requires immediate patching to prevent device compromise.