Android has patched a remote code execution flaw.

Google’s November 2025 Android update fixes two vulnerabilities in the System component which allows remote code execution without user interaction. The flaw affects Android versions 13 through 16 and stems from insufficient input validation. A second vulnerability could enable privilege escalation via logic errors in system updates. No exploitation has been observed in the wild, but users are urged to update promptly.

Read more:

https://www.securityweek.com/android-update-patches-critical-remote-code-execution-flaw/