Google has released security updates to patch 129 Android security vulnerabilities, including an actively exploited zero-day flaw in a Qualcomm display component.
“There are indications that CVE-2026-21385 may be under limited, targeted exploitation,” the company said on Monday in its March 2025 Android Security Bulletin.
While Google didn’t provide any further information on the attacks currently targeting this vulnerability, Qualcomm revealed in a separate security advisory issued on February 3 that the flaw is an integer overflow or wraparound in the Graphics subcomponent that local attackers can exploit to trigger memory corruption.
Read more: bleepingcomputer.com
