This week Google issued fixes for 107 total security vulnerabilities, including two zero-day flaws, with the release of its Android Security Bulletin December 2025. The two high severity bugs, which have been actively exploited in the wild, are CVE-2025-48633, which is an information disclosure bug, and CVE-2025-48572, which is an elevation of privilege issue. Another critical bug that was fixed this month is CVE-2025-48631 which is a DoS (denial-of-service) flaw in the Android Framework.
The two…
