Android CVE Vulnerabilities

By Google6 known vulnerabilities

Also tracked as: samsung/android
Critical
0
High
4
Medium
2
Low
0
None
0

All Android CVEs

Recent Highest Score Oldest
CVE-2026-0073
8.8 high

In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as the shell user with no additional execution privileges needed. User interaction is not needed for ex

May 4, 2026
CVE-2025-48615
7.8 high

In getComponentName of MediaButtonReceiverHolder.java, there is a possible desync in persistence due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Dec 8, 2025
CVE-2025-48612
7.8 high

In setDefaultKey of DefaultPaymentSettings.java, there is a possible way for an application to set the main user's default NFC payment setting due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne

Dec 8, 2025
CVE-2025-48600
5.5 medium

In multiple files, there is a possible way to reveal information across users due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Dec 8, 2025
CVE-2025-48581
8.4 high

In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Sep 4, 2025
CVE-2017-13165
5.3 medium

An elevation of privilege vulnerability in the kernel file system. Product: Android. Versions: Android kernel. Android ID A-31269937.

Dec 6, 2017