Google Patches 124 Android Flaws as Exploited CVE-2025-48595 Hits Android 14-16
Updated
Updated · Notebookcheck.net · Jun 29
Google Patches 124 Android Flaws as Exploited CVE-2025-48595 Hits Android 14-16
3 articles · Updated · Notebookcheck.net · Jun 29
Summary
Google’s June Android update fixes 124 vulnerabilities, led by CVE-2025-48595, a critical Framework flaw already used in limited targeted attacks.
CVE-2025-48595 lets attackers gain elevated privileges without any user action, affecting devices on Android 14, 15, 16 and Android 16 QPR2.
The rollout comes in two patch levels: June 1, 2026 covers core Android components and 18 critical bugs, while June 5 adds kernel and Qualcomm and MediaTek driver fixes.
Either June 1 or June 5 patch status is enough for protection, but delivery still depends on phone makers—Pixels usually get updates first, newer Samsung models often follow within days, and older mid-range phones can wait weeks.