Google this week rolled out fixes for a total of 111 unique CVEs as part of the September 2025 set of Android patches, including exploited zero-days.
The exploited vulnerabilities, both privilege escalation issues, impact the Android Runtime (CVE-2025-48543) and Linux kernel (CVE-2025-38352).
“There are indications that the following may be under limited, targeted exploitation: CVE-2025-38352, CVE-2025-48543,” Google’s advisory reads.
https://www.securityweek.com/two-exploi ... n-android/