Mishaal Rahman / Android Authority
TL;DR
- Google has published the December 2025 Security Bulletin, revealing a long list of severe vulnerabilities in Android.
- These issues are expected to be patched with device-specific security updates dated December 05.
- The list includes a few critical vulnerabilities in the Android Framework and at the system level.
Google has just released the Android Security Bulletin for December 2025, with a roster of all vulnerabilities that affect Android devices. Unlike the frequent Pixel (or manufacturer-specific) security updates, this bulletin lists all potential vulnerabilities that impact Android devices.
These vulnerabilities, affecting Android 13 or later, will be patched in the Android security update dated December 05, 2025, and delivered to your devices when the manufacturer releases the security update.
Don’t want to miss the best from Android Authority?
With the December Security Bulletin, Google addresses several vulnerabilities rated for “critical” and “high” degrees of severity. The gravest of all is a vulnerability in the Android Framework that could be exploited to remotely launch a denial-of-service attack against users, even without additional privileges.
Meanwhile, the most severe vulnerabilities at the system and kernel levels can be exploited to escalate permission levels even with the user’s explicit input. In addition, the Bulletin also lists vulnerabilities specific to Qualcomm, MediaTek, and Unisoc chipsets.
To make sure your devices remain protected from these vulnerabilities, ensure you update your device with the latest security patch.
Additionally, Google has also updated the Security Bulletins for Android Automotive and Wear OS, but there are no vulnerabilities to be listed in each.
Thank you for being part of our community. Read our Comment Policy before posting.
