Google Patches Actively Exploited Android Flaw Affecting Millions of Devices

Google released June 2026 Android security updates addressing 124 vulnerabilities, including CVE-2025-48595 (CVSS 8.4), an actively exploited integer overflow in the Android Framework that can lead to local privilege escalation and code execution on devices running Android 14–16; Google and CISA note limited, targeted exploitation, patches were issued (2026-06-01 and 2026-06-05), and fragmentation of Android updates means many devices may remain vulnerable.