← All articles

Google June Android update fixes 124 flaws including exploited Framework zero-day CVE-2025-48595 - also added to CISA KEV same day

Google has released the June 2026 Android security patches addressing 124 vulnerabilities, including CVE-2025-48595, a high-severity Android Framework flaw under limited, targeted exploitation. Local attackers can abuse it to gain code execution and escalate privileges on Android 14 or later. Google fixed 18 critical vulnerabilities this cycle across System, Framework, and Qualcomm closed-source components; the most severe is a critical Framework flaw enabling remote privilege escalation with no user interaction. Two patch levels shipped (2026-06-01 and 2026-06-05). CISA added CVE-2025-48595 to its KEV catalog the same day. Pixel devices get updates immediately; other vendors typically lag. Similar Android Framework flaws have historically been abused by commercial spyware.

Check
Inventory Android fleet by version and patch level. Confirm devices show the 2026-06-05 patch level. Prioritize Android 14+ devices for CVE-2025-48595; push updates via MDM where possible.
Affected
Android 14 and later unpatched against the June 2026 update. CVE-2025-48595 is under limited targeted exploitation; high-interest individuals face the greatest risk from likely-spyware abuse.
Fix
Apply the June 2026 Android update (2026-06-05 patch level). Non-Pixel users: pressure OEMs for timely rollout. FCEB agencies must remediate CVE-2025-48595 per CISA KEV deadline.