Mishaal Rahman / Android Authority
TL;DR Google has published the December 2025 Security Bulletin, revealing a long list of severe vulnerabilities in Android.
These issues are expected to be patched with device-specific security updates dated December 05.
The list includes a few critical vulnerabilities in the Android Framework and at the system level.
Google has just released the Android Security Bulletin for December 2025, with a roster of all vulnerabilities that affect Android devices. Unlike the frequent Pixel (or manufacturer-specific) security updates, this bulletin lists all potential vulnerabilities that impact Android devices.
These vulnerabilities, affecting Android 13 or later, will be patched in the Android security update dated December 05, 2025, and delivered to your devices when the manufacturer releases the security update.
Don’t want to miss the best from Android Authority? Set us as a favorite source in Google Discover to never miss our latest exclusive reports, expert analysis, and much more.
to never miss our latest exclusive reports, expert analysis, and much more. You can also set us as a preferred source in Google Search by clicking the button below.
With the December Security Bulletin, Google addresses several vulnerabilities rated for “critical” and “high” degrees of severity. The gravest of all is a vulnerability in the Android Framework that could be exploited to remotely launch a denial-of-service attack against users, even without additional privileges.
Meanwhile, the most severe vulnerabilities at the system and kernel levels can be exploited to escalate permission levels even with the user’s explicit input. In addition, the Bulletin also lists vulnerabilities specific to Qualcomm, MediaTek, and Unisoc chipsets.
... continue reading