Android Security Update Fixes 129 Vulnerabilities, Including Actively Exploited Zero-Day
By AnuPriya
March 3, 2026
Google released its March 2026 Android Security Bulletin, patching 129 vulnerabilities across the Android ecosystem.
This update sets a record for the highest number of fixes in a single month. It splits into two patch levels: 2026-03-01 for core Android flaws and 2026-03-05 for hardware-specific issues.
Device makers can roll out the first level quickly, then add the rest.
The Zero-Day Alert: CVE-2026-21385
The standout threat is CVE-2026-21385 in Qualcomm’s Display and Graphics component. Google warns of limited, targeted exploitation in the wild.
This high-severity integer overflow leads to memory corruption, letting attackers bypass security and compromise devices. Zero-days in display tech often aid advanced hackers in real-world attacks.
The 2026-03-01 patches fix severe flaws in Android’s base:
CVE-2026-0006 (System): Critical remote code execution (RCE) with no user interaction needed; attackers could seize control remotely.
CVE-2025-48631 (System): Critical denial-of-service (DoS) that crashes devices remotely.
Other fixes target framework and system elevation-of-privilege (EoP), information disclosure (ID), and DoS issues, all high severity.
Core Android Platform (2026-03-01)
| CVE ID | Component | Type | Severity |
|---|---|---|---|
| CVE-2026-0006 | System | RCE | Critical |
| CVE-2025-48631 | System | DoS | Critical |
| CVE-2026-0047 | Framework | EoP | Critical |
| CVE-2025-32313 | Framework | EoP | High |
| CVE-2025-48544 | Framework | EoP | High |
Kernel/Virtualization (2026-03-05)
| CVE ID | Subcomponent | Type | Severity |
|---|---|---|---|
| CVE-2024-43859 | Flash-Friendly File System | EoP | Critical |
| CVE-2026-0037 | pKVM | EoP | Critical |
| CVE-2026-0038 | Hypervisor | EoP | Critical |
Vendor/Hardware (2026-03-05)
| CVE ID | Vendor | Subcomponent | Severity |
|---|---|---|---|
| CVE-2026-21385 | Qualcomm | Display (Exploited) | High |
| CVE-2025-47394 | Qualcomm | Kernel | High |
| CVE-2025-2879 | Arm | Mali GPU | High |
The 2026-03-05 level patches kernel EoP in pKVM and Hypervisor, plus high-severity issues from Qualcomm, Arm, Imagination Technologies, MediaTek, Unisoc, and OEMs like VBMeta.
Update to 2026-03-05 or later via your device maker. Enable Google Play Protect for ongoing app scanning.
Google will push AOSP source patches within 48 hours. Unpatched devices risk RCE, EoP, and crashes. Act fast against this zero-day and the critical vulnerabilities.
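One way to check a device or fleet against the two patch levels described above, as an added example that is not from Google's bulletin or the original article. It reads the standard ro.build.version.security_patch property; the function names, status labels and sample inventory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify devices against the two March 2026 patch levels.
# Function names and status labels are illustrative, not from the bulletin.
CORE_LEVEL="2026-03-01"   # core Android fixes (per the article)
FULL_LEVEL="2026-03-05"   # adds kernel/vendor fixes, incl. CVE-2026-21385

# Patch levels are ISO dates, so stripping dashes gives a comparable integer.
# Fails (status 1) on anything that is not shaped like YYYY-MM-DD.
level_to_num() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-1][0-9]-[0-3][0-9])
            printf '%s\n' "$1" | sed 's/-//g' ;;
        *) return 1 ;;
    esac
}

# Prints one of: covered | core-only | behind | unknown
classify_patch_level() {
    dev=$(level_to_num "$1") || { echo unknown; return 0; }
    core=$(level_to_num "$CORE_LEVEL")
    full=$(level_to_num "$FULL_LEVEL")
    if [ "$dev" -ge "$full" ]; then
        echo covered        # both patch levels applied
    elif [ "$dev" -ge "$core" ]; then
        echo core-only      # 2026-03-05 fixes still missing
    else
        echo behind         # predates this bulletin entirely
    fi
}

# Read "serial patch-level" lines on stdin and append a status to each.
audit_inventory() {
    while read -r serial level; do
        [ -n "$serial" ] || continue
        printf '%s %s %s\n' "$serial" "${level:-none}" \
            "$(classify_patch_level "$level")"
    done
}

# Live query for one attached device (needs adb and an authorised device).
device_patch_level() {
    adb -s "$1" shell getprop ro.build.version.security_patch | tr -d '\r'
}

# Constructed sample inventory; serials and levels are made up.
audit_inventory <<'EOF'
DEVICE-A 2026-03-05
DEVICE-B 2026-03-01
DEVICE-C 2025-12-05
DEVICE-D
EOF
```

A device reported as core-only has not declared the 2026-03-05 fixes, which is the level that carries the exploited Qualcomm display issue.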