Google patches 107 Android flaws, including two being actively exploited
Google has patched 107 vulnerabilities in Android in its December 2025 Android Security Bulletin, including two high-severity flaws that are being actively exploited. The December updates are available for Android 13, 14, 15, and 16. Android vendors are notified of all issues at least a month...
WhatsApp Android Contact Gating Bypass
WhatsApp Android has a contact gating bypass in groups that leads to interaction-less media download. Background: To prevent security issues and spam, WhatsApp for Android requires some form of user interaction to automatically download files from non-contacts: a. After adding someone as a contact...
WhiteLie: A Robust System for Spoofing User Data in Android Platforms
Android employs a permission framework that empowers users to either accept or deny sharing their private data, for example location, with an app. However, many apps tend to crash when they are denied permission, leaving users no choice but to allow access to their data in order to use the app. In...
tutor-android (=19.0.0), tutor-cairn (>=19.0.0 <=19.0.4) +32 more potentially affected by CVE-2025-65681 via tutor (=19.0.5)
tutor PYPI version =19.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on tutor and may be impacted: - tutor-android =19.0.0 - tutor-cairn =19.0.0, =19.0.0, =18.4.0, =19.0.0, =18.3.0, =19.0.0, =19.0.0, =19.0.0, =19.0.0, =19.1.3 -...
CVE-2025-63435
Xtooltech Xtool AnyScan Android App 4.40.40 is affected by Missing Authentication for Critical Function. The server-side endpoint that serves update packages does not require authentication, allowing an unauthenticated remote attacker to download official update packages. Public documents do not ...
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Google has disclosed that the company's continued adoption of the Rust programming language in Android has resulted in the number of memory safety vulnerabilities falling below 20% of total vulnerabilities for the first time. "We adopted Rust for its security and are seeing a 1000x reduction in...
CVE-2025-64741
Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access...
PT-2025-46927
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 129.0.6668.58. Description: A flaw exists in the handling of Intents in Google Chrome on Android. This issue could allow a remote attacker to perform UI spoofing by using a specially crafted HTML page...
EUVD-2025-50788
Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
CVE-2025-12728
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2025-12728
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11209
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11213
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11213
CVE-2025-11213 describes an Omnibox implementation issue in Google Chrome on Android that allows domain spoofing via a crafted HTML page when a user is persuaded to perform specific UI gestures. The available connected documents confirm a Chromium/Chrome family fix in the 141.0.7390.54+ range, wi...
CVE-2025-11209
CVE-2025-11209 concerns an insecure implementation in the Android Omnibox of Google Chrome that allowed spoofing the URL bar via a crafted HTML page. Connected documents confirm the issue relates to Chromium-based Chrome/Chromium, with remediation via upgrading to version 141.0.7390.54 or newer (...
Exploit for CVE-2025-48593
⚠️ CRITICAL ⚠️ CVE-2025-48593 - Zero-Click RCE in Android Syste...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Mojo in Google Chrome on Android, Linux, and ChromeOS before version 140.0.7339.127 allowed a remote attacker to bypass site isolation through a crafted HTML page. Chromium security severity: High...
CVE-2025-61482
The CVE-2025-61482 vulnerability affects privacyIDEA Authenticator for Android (version 4.3.0). A local attacker with root access can bypass two-factor authentication by hooking cryptographic routines and intercepting decryption paths to recover plaintext secrets, enabling generation of valid OTP...
Linux Distros Unpatched Vulnerability : CVE-2025-11718
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange...
SUSE CVE-2025-11718
When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event. This vulnerability was fixed in Firefox 144...