← Back to home
wid-sec-w-2026-0569  ·  Published 2026-03-02  ·  View on BSI CERT-Bund ↗

Google Android: Multiple Vulnerabilities

CVSS 9.8 CRITICAL CISA KEV — Known Exploited

Risk Summary

In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01676750; Issue ID: MSV-4653.

CVEs (116)

CVE-2024-43766 CVE-2024-43859 CVE-2025-10865 CVE-2025-13952 CVE-2025-20760 CVE-2025-20761 CVE-2025-20762 CVE-2025-20793 CVE-2025-20794 CVE-2025-20795 CVE-2025-2879 CVE-2025-32313 CVE-2025-38616 CVE-2025-38618 CVE-2025-39682 CVE-2025-39946 CVE-2025-40266 CVE-2025-47339 CVE-2025-47346 CVE-2025-47348 CVE-2025-47366 CVE-2025-47378 CVE-2025-47385 CVE-2025-47388 CVE-2025-47394 CVE-2025-47395 CVE-2025-47396 CVE-2025-47397 CVE-2025-47398 CVE-2025-47402 CVE-2025-48544 CVE-2025-48567 CVE-2025-48568 CVE-2025-48574 CVE-2025-48577 CVE-2025-48578 CVE-2025-48579 CVE-2025-48582 CVE-2025-48585 CVE-2025-48587 CVE-2025-48602 CVE-2025-48605 CVE-2025-48609 CVE-2025-48613 CVE-2025-48619 CVE-2025-48630 CVE-2025-48631 CVE-2025-48634 CVE-2025-48635 CVE-2025-48641 CVE-2025-48642 CVE-2025-48644 CVE-2025-48645 CVE-2025-48646 CVE-2025-48650 CVE-2025-48653 CVE-2025-48654 CVE-2025-58407 CVE-2025-58408 CVE-2025-58409 CVE-2025-58411 CVE-2025-59600 CVE-2025-61612 CVE-2025-61613 CVE-2025-61614 CVE-2025-61615 CVE-2025-61616 CVE-2025-64783 CVE-2025-64784 CVE-2025-64893 CVE-2025-69278 CVE-2025-69279 CVE-2026-0005 CVE-2026-0006 CVE-2026-0007 CVE-2026-0008 CVE-2026-0010 CVE-2026-0011 CVE-2026-0012 CVE-2026-0013 CVE-2026-0014 CVE-2026-0015 CVE-2026-0017 CVE-2026-0020 CVE-2026-0021 CVE-2026-0023 CVE-2026-0024 CVE-2026-0025 CVE-2026-0026 CVE-2026-0027 CVE-2026-0028 CVE-2026-0029 CVE-2026-0030 CVE-2026-0031 CVE-2026-0032 CVE-2026-0034 CVE-2026-0035 CVE-2026-0037 CVE-2026-0038 CVE-2026-0047 CVE-2026-20401 CVE-2026-20402 CVE-2026-20403 CVE-2026-20404 CVE-2026-20405 CVE-2026-20406 CVE-2026-20420 CVE-2026-20421 CVE-2026-20422 CVE-2026-20425 CVE-2026-20426 CVE-2026-20427 CVE-2026-20428 CVE-2026-20434 CVE-2026-21385 CVE-2026-21735

Affected Vendors

Google

Affected Products (10)

Google · Android 14 <2026-03-01
Google · Android 14 2026-03-01
Google · Android 15 <2026-03-01
Google · Android 15 2026-03-01
Google · Android 16-qpr2 <2026-03-01
Google · Android 16-qpr2 2026-03-01
Google · Android 16 <2026-03-01
Google · Android 16 2026-03-01
Google · Android <2026-03-05
Google · Android 2026-03-05

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more