Google Patches Android Zero-Day Vulnerability in June 2026 Security Update
Google’s June 2026 Android security release addresses dozens of vulnerabilities across the operating system, including one flaw that the company says may already be under attack in the real world.
According to Google’s June Android Security Bulletin, the most severe issue fixed this month is a critical vulnerability in the Android Framework component that could allow remote privilege escalation without requiring user interaction.
“The most severe of these issues is a critical security vulnerability in the Framework component that could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation,” Google said in the bulletin.
The actively abused flaw, tracked as CVE-2025-48595, sits inside the Android Framework, the layer of APIs and system services that apps communicate with directly. Google noted there are indications the vulnerability may be involved in “limited, targeted exploitation.”
The bug affects devices running Android 14, Android 15, Android 16, and Android 16 QPR2. The vulnerability is an elevation-of-privilege flaw within Android’s Framework component that could give attackers access to a compromised device.
Beyond the zero-day, the June bulletin is one of the more substantial security releases of the year. The critical Framework vulnerability that Google describes as the most severe issue fixed this month is tracked as CVE-2025-65018; it could enable remote elevation of privilege without user interaction and without any additional execution privileges.
The System component also received significant attention, with critical fixes for CVE-2026-0043, CVE-2026-0097, CVE-2026-21352, and CVE-2026-21353, bugs that could allow local privilege escalation without user input.
Chipset vendors weren’t left out either. Google additionally patched vulnerabilities in kernel components and incorporated security fixes from Qualcomm, MediaTek, Imagination Technologies, and Unisoc. Among the vendor-specific fixes are three critical vulnerabilities in Qualcomm closed-source components, tracked as CVE-2025-47392, CVE-2026-25276, and CVE-2026-25277.
The June 2026 fixes are available through security patch levels 2026-06-01 and 2026-06-05, with the latter incorporating all fixes from both patch levels.
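As an added example (not from Google's bulletin or the original article), a device inventory can be triaged against the two June patch levels. The device names and the comma-separated layout are constructed, and the code assumes patch level strings are cumulative, so a later string covers the earlier ones.

```python
from datetime import datetime

# Patch levels the article gives for the June 2026 release.
PARTIAL_LEVEL = datetime(2026, 6, 1).date()
COMPLETE_LEVEL = datetime(2026, 6, 5).date()
# Android releases the article lists as affected by CVE-2025-48595.
AFFECTED_RELEASES = {"14", "15", "16"}

def parse_level(text):
    """Parse YYYY-MM-DD as reported in ro.build.version.security_patch."""
    try:
        return datetime.strptime(text.strip(), "%Y-%m-%d").date()
    except ValueError:  # missing, malformed or impossible date
        return None

def classify(level_text):
    """Map a patch level string to its coverage of the June 2026 fixes."""
    level = parse_level(level_text)
    if level is None:
        return "unknown"
    if level >= COMPLETE_LEVEL:
        return "complete"
    if level >= PARTIAL_LEVEL:
        return "partial"
    return "missing"

def triage(inventory_lines):
    """Return {device: (status, needs_review_for_CVE_2025_48595)}."""
    report = {}
    for line in inventory_lines:
        device, release, level = (f.strip() for f in line.split(",", 2))
        status = classify(level)
        # "16 QPR2" counts as release 16 for the affected-version check.
        affected = release.partition(" ")[0] in AFFECTED_RELEASES
        report[device] = (status, affected and status != "complete")
    return report

# Constructed sample inventory: device name, Android release, patch level.
SAMPLE = [
    "phone-a,16 QPR2,2026-06-05",
    "tablet-b,15,2026-06-01",
    "kiosk-c,14,2026-05-05",
    "scanner-d,15,not reported",
]

if __name__ == "__main__":
    for device, (status, review) in triage(SAMPLE).items():
        print(f"{device}: {status}, review for CVE-2025-48595: {review}")
```

A device at the partial level on an affected release is still flagged for review, because the article does not say which of the two patch levels carries the CVE-2025-48595 fix.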
Play Store gets a visual refresh
Alongside security patches, Google published its June 2026 Google System Services release notes detailing new features for Google Play services and the Play Store.
One of the most noticeable changes arrives with Google Play Store version 51.7. The update redesigns app purchase and download dialogs across phones, Android TV devices, and Android Auto systems.
Google said, “[Auto, Phone, TV] You’ll get a refreshed design in Play Store dialogs when you get or buy an app to continue.”
The company is also making app discounts easier to spot. Sale prices, promotional offers, and expiration dates now appear more prominently throughout the storefront. According to Google’s release notes, “[Phone] With this update, sales prices and discount details, such as offer and dates, are clearer and more visible across the Play Store.”
Easier app pre-registration and new notifications
Google is also streamlining how users sign up for upcoming apps and games. Previously, pre-registration and automatic installation operated as separate processes. With the June update, both functions are combined into a single workflow.
Google said, “[Phone] With this update, pre-registration and auto-install use a single flow.” The Play Store is also gaining additional promotional notifications. Users can now receive alerts for monthly challenges and Loyalty MAX challenges through Play Store pop-up banners.
Another addition allows users to discover more content related to apps they have already installed. Google said users can now view app content directly from installed app listing pages and browse similar material through Play Collections.
Password manager improvements arrive
Google Play Services version 26.21 introduces a notable security and convenience feature for password management.
According to Google’s release notes, “[Phone] You can now import and export passwords and passkeys between Google Password Manager and third-party password managers with the Credential Exchange standard.” The update also adds new tools for developers building apps that use Google Maps-related functionality.
Rollout underway
Google System updates are delivered separately from full Android operating system upgrades and reach a wide range of devices, including Android phones, tablets, Wear OS smartwatches, Android TV and Google TV devices, Android Auto systems, and ChromeOS hardware.
As with previous monthly releases, some features may take time to become widely available. Google notes that the appearance of a feature in release notes does not necessarily mean it has launched for all users immediately.
