Google has launched safety updates to patch 129 Android safety vulnerabilities, together with an actively exploited zero-day flaw in a Qualcomm show element.
“There are indications that CVE-2026-21385 could also be below restricted, focused exploitation,” the corporate stated on Monday in its March 2025 Android Safety Bulletin.
Whereas Google did not present any additional info on the assaults at present focusing on this vulnerability, Qualcomm revealed in a separate safety advisory issued on February 3 that the flaw is an integer overflow or wraparound within the Graphics subcomponent that native attackers can exploit to set off reminiscence corruption.
Qualcomm says it was alerted to this high-severity vulnerability on December 18, and it notified clients on February 2. In accordance with its February advisory, which has but to flag CVE-2026-21385 as exploited in assaults, the safety flaw impacts 235 Qualcomm chipsets.
With this month’s Android safety updates, Google fastened 10 essential safety vulnerabilities within the System, Framework, and Kernel elements that attackers exploit to realize distant code execution, elevate privileges, or set off denial-of-service circumstances.
“Essentially the most extreme of those points is a essential safety vulnerability within the System element that might result in distant code execution with no extra execution privileges wanted. Consumer interplay shouldn’t be wanted for exploitation,” Google stated.
Google issued two units of patches: the 2026-03-01 and 2026-03-05 safety patch ranges. The latter bundles all fixes from the primary batch, in addition to patches for closed-source third-party and kernel subcomponents, which can not apply to all Android gadgets.
Whereas Google Pixel gadgets obtain safety updates instantly, different distributors usually take longer to check and tweak them for particular {hardware} configurations.
Google and Qualcomm spokespersons weren’t instantly out there for remark when contacted by BleepingComputer earlier in the present day concerning the CVE-2026-21385 assaults and their targets.
Google launched patches for two different high-severity zero-day vulnerabilities (CVE-2025-48633 and CVE-2025-48572) in December, each of which have been additionally tagged as “below restricted, focused exploitation.”
Malware is getting smarter. The Crimson Report 2026 reveals how new threats use math to detect sandboxes and conceal in plain sight.
Obtain our evaluation of 1.1 million malicious samples to uncover the highest 10 methods and see in case your safety stack is blinded.
