Google has released its latest Android Security Bulletin for August 2025, addressing multiple vulnerabilities across the Android ecosystem. Among the most notable vulnerabilities, CVE-2025-21479 and CVE-2025-27038 were reportedly exploited in the wild before this month’s security release. These are joined by CVE-2025-21480, another serious Qualcomm flaw disclosed in June 2025.
The two primary vulnerabilities, CVE-2025-21479 and CVE-2025-27038, have received CVSS scores of 8.6 and 7.5, respectively, indicating high to critical severity. A third, CVE-2025-21480, also scored 8.6 and is being closely monitored. All three were first publicly disclosed by Qualcomm in June, and while precise methods of exploitation have not been publicly revealed, there is credible intelligence suggesting they have been actively used in targeted attacks.
https://thecyberexpress.com/august-2025 ... -bulletin/