Android Security Update Fixes 129 Vulnerabilities, Including Actively Exploited Zero-Day - cyberpress.org

Android Security Update Fixes 129 Vulnerabilities, Including Actively Exploited Zero-Day By AnuPriya March 3, 2026 Categories: Cyber Security NewsCybersecurityVulnerability Google released its March 2026 Android Security Bulletin, patching 129 vulnerabilities across the Android ecosystem. This update sets a record for the highest number of fixes in a single month. It splits into two patch levels: 2026-03-01 for core Android flaws and 2026-03-05 for hardware-specific issues. Device makers can roll out the first level quickly, then add the rest. The Zero-Day Alert: CVE-2026-21385 The standout threat is CVE-2026-21385 in Qualcomm’s Display and Graphics component. Google warns of limited, targeted exploitation in the wild. This high-severity integer overflow leads to memory corruption, letting attackers bypass security and compromise devices. Zero-days in display tech often aid advanced hackers in real-world attacks. The 2026-03-01 patches fix severe flaws in Android’s base: CVE-2026-0006 (System): Critical remote code execution (RCE) with no user interaction needed; attackers could seize control remotely. CVE-2025-48631 (System): Critical denial-of-service (DoS) that crashes devices remotely. Other fixes target framework and system elevation-of-privilege (EoP), information disclosure (ID), and DoS issues, all high severity. Core Android Platform (2026-03-01) CVE ID Component Type Severity CVE-2026-0006 System RCE Critical CVE-2025-48631 System DoS Critical CVE-2026-0047 Framework EoP Critical CVE-2025-32313 Framework EoP High CVE-2025-48544 Framework EoP High Kernel/Virtualization (2026-03-05) CVE ID Subcomponent Type Severity CVE-2024-43859 Flash-Friendly File System EoP Critical CVE-2026-0037 pKVM EoP Critical CVE-2026-0038 Hypervisor EoP Critical Vendor/Hardware (2026-03-05) CVE ID Vendor Subcomponent Severity CVE-2026-21385 Qualcomm Display (Exploited) High CVE-2025-47394 Qualcomm Kernel High CVE-2025-2879 Arm Mali GPU High The 2026-03-05 level patches kernel EoP in pKVM and Hypervisor, plus high-severity issues from Qualcomm, Arm, Imagination Technologies, MediaTek, Unisoc, and OEMs like VBMeta. Update to 2026-03-05 or later via your device maker. Enable Google Play Protect for ongoing app scanning. Google will push AOSP source patches within 48 hours. Unpatched devices risk RCE, EoP, and crashes. Act fast against this zero-day and critical vulnerability. Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google. Share Facebook Twitter Pinterest WhatsApp AnuPriya Any Priya is a cybersecurity reporter at Cyber Press, specializing in cyber attacks, dark web monitoring, data breaches, vulnerabilities, and malware. She delivers in-depth analysis on emerging threats and digital security trends. Recent Articles Hackers Exploit GitHub Copilot Vulnerability to Exfiltrate Sensitive Data Cyber Security News April 10, 2026 HPE Aruba Private 5G Platform Vulnerability Enables Credential Theft Attacks Cyber Security News April 10, 2026 ProSpy Spyware Spread Through Fake Messaging Apps In Middle East Campaign APT April 10, 2026 Malicious OpenVSX Extension Delivers GlassWorm To VS Code, Cursor, and Windsurf Users Cyber Security News April 10, 2026 Threat Actors Exploit GitHub and GitLab For Malware Delivery and Phishing Operations Cyber Security News April 10, 2026 Related Stories Cyber Security News Hackers Exploit GitHub Copilot Vulnerability to Exfiltrate Sensitive Data AnuPriya - April 10, 2026 Cyber Security News HPE Aruba Private 5G Platform Vulnerability Enables Credential Theft Attacks AnuPriya - April 10, 2026 APT ProSpy Spyware Spread Through Fake Messaging Apps In Middle East Campaign Varshini - April 10, 2026 Cyber Security News Malicious OpenVSX Extension Delivers GlassWorm To VS Code, Cursor, and Windsurf Users Varshini - April 10, 2026 Cyber Security News Threat Actors Exploit GitHub and GitLab For Malware Delivery and Phishing Operations Varshini - April 10, 2026 Cyber Security News Multiple TP-Link Vulnerabilities Allow Attackers to Seize Full Device Control AnuPriya - April 10, 2026 LEAVE A REPLY Comment: Name:* Email:* Website: