On Monday, Google announced the deployment of new security updates for Android, which address nearly 130 vulnerabilities, including a zero-day exploit.
The zero-day vulnerability, designated as CVE-2026-21385, has a CVSS score of 7.8. It affects the graphics component of more than 200 Qualcomm chipsets. This flaw is characterized as an integer overflow or wraparound issue, which can lead to memory corruption during memory allocation processes.
Adam Boynton, a senior enterprise strategy manager at Jamf, explained that if this weakness is successfully exploited, attackers could potentially bypass security controls and gain unauthorized access to the system.
Qualcomm reported the vulnerability to Google’s Android Security team on December 18, 2025. The company informed its clients about CVE-2026-21385 on February 2, and the security defect was publicly disclosed on Monday.
Google's March 2026 security bulletin indicates that there are signs suggesting CVE-2026-21385 may be experiencing limited, targeted exploitation.
While Google has not provided specific details on the attacks that have been observed, such vulnerabilities are frequently targeted by commercial spyware vendors.
This month’s Android updates include fixes for the vulnerability, arriving as the 2026-03-05 security patch level. This update addresses over 60 vulnerabilities across various components, including those from kernel, Arm, Imagination Technologies, MediaTek, Unisoc, and Qualcomm.
The first part of the updates, released with the 2026-03-01 security patch level, resolves over 50 vulnerabilities in the Framework and System components. Among these are critical issues that could lead to remote code execution (RCE) and denial-of-service (DoS) attacks.
Google noted, “The most severe of these issues is a critical security vulnerability in the System component that could enable remote code execution without requiring additional execution privileges, and without the need for user interaction.”
Devices operating on the 2026-03-05 security patch level or higher will have patches for all identified vulnerabilities.
In addition to the Android updates, Google has also released fixes for two vulnerabilities affecting Wear OS, impacting the platform’s Framework and System components. The latest Wear OS update includes patches for all security defects outlined in Android's March 2026 security bulletin.
Google confirmed that there are no platform-specific patches included in this month's updates for Android Automotive OS and Android XR.
