Google Vulnerabilities
Comprehensive security vulnerability database for Google products
29
0
21
7
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2025-69279 | 7.5 | This vulnerability allows an attacker to remotely crash an Android device without needing special permissions. It occurs due to a failure to properly check input in the nr modem, which means that simply sending the right kind of data can disrupt the device's operation. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-69278 | 7.5 | This vulnerability allows an attacker to crash an Android device remotely, causing it to stop working properly. It requires no special permissions, meaning anyone can exploit it without needing to be logged in or have access to the device. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-61616 | 7.5 | This vulnerability allows an attacker to crash an Android device remotely, causing it to become unresponsive. It requires no special permissions, meaning anyone can exploit it simply by sending the right input to the device's modem. | googleandroid | Exploit Available | 29 days agoMar 9, 2026 |
| CVE-2025-61615 | 7.5 | This vulnerability allows an attacker to crash an Android device remotely, causing it to stop working properly. It can happen without needing any special permissions, simply by sending the device improper data. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-61614 | 7.5 | This vulnerability allows an attacker to remotely crash an Android device without needing special permissions, effectively causing a denial of service. It occurs due to the device not properly checking the input it receives, which can be exploited under certain conditions. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-61613 | 7.5 | This vulnerability allows an attacker to remotely crash an Android device without needing special permissions, causing a denial of service. It occurs due to the system not properly checking the input it receives, which can be exploited by sending malformed data to the modem. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-61612 | 7.5 | This vulnerability allows an attacker to remotely crash an Android device, causing it to stop working properly. It can be exploited without needing any special permissions, simply by sending malformed data to the device's modem. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2026-3136 | 8.6 | A remote attacker could execute arbitrary code in the build environment of Google Cloud Build due to improper authorization in the GitHub Trigger Comment Control feature. This vulnerability affected versions released before January 26, 2026, but it has since been patched, so no action is needed from users. | googlecloud build | Exploit Available | about 1 month agoMar 3, 2026 |
| CVE-2026-20445 | 4.4 | This vulnerability allows an attacker with system privileges to crash the Android device, leading to a local denial of service. The attacker does not need any user interaction to exploit this issue, but they must already have gained system-level access. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20444 | 6.7 | This vulnerability allows an attacker with System privileges on an Android device to gain even higher access, potentially letting them control more sensitive parts of the system. The attacker does not need any user interaction to exploit this issue, but they must already have System privileges to take advantage of it. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20443 | 6.7 | This vulnerability allows an attacker with System privileges on an Android device to escalate their access and potentially gain control over more sensitive parts of the system. The attacker does not need any user interaction to exploit this flaw, but they must already have System privileges to take advantage of it. | googleandroid | Theoretical | about 1 month agoMar 2, 2026 |
| CVE-2026-20442 | 4.4 | This vulnerability allows an attacker with system privileges on an Android device to crash the system, causing a denial of service. The attacker does not need any user interaction to exploit this flaw, but they must already have gained elevated privileges on the device. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20441 | 6.7 | This vulnerability allows an attacker with System privileges on an Android device to potentially gain higher access levels, which could let them control more sensitive parts of the system. The attacker does not need any user interaction to exploit this flaw, but they must already have System privileges to take advantage of it. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20440 | 6.7 | This vulnerability allows an attacker with System privileges on an Android device to gain even higher access, potentially letting them control more sensitive parts of the system. The attacker does not need any user interaction to exploit this flaw, but they must already have System privileges. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20439 | 4.4 | An attacker with system privileges can cause a crash in the Android operating system, leading to a denial of service that disrupts device functionality. This vulnerability can be exploited without any user interaction, making it particularly concerning for devices already compromised by an attacker. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20438 | 6.4 | This vulnerability allows an attacker with system-level access on an Android device to gain higher privileges, potentially enabling them to take control of the device. The attack can happen without any user interaction, but the attacker must already have system privileges to exploit it. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20437 | 4.4 | This vulnerability allows an attacker with system privileges to crash the device, causing a denial of service without needing any user interaction. However, the attacker must already have gained elevated system access to exploit this issue. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20429 | 4.4 | This vulnerability allows an attacker with system privileges on an Android device to read sensitive information from memory without permission. The attacker does not need any user interaction to exploit this flaw, making it a serious risk for devices that have already been compromised. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20428 | 6.7 | This vulnerability allows an attacker with System privileges on an Android device to potentially gain higher access rights, enabling them to control more of the system. The attacker does not need any user interaction to exploit this flaw, but they must already have System-level access. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2026-20427 | 6.7 | This vulnerability allows an attacker with System privileges on an Android device to gain higher access levels, potentially letting them control more sensitive parts of the system. The attacker does not need any user interaction to exploit this weakness, making it a serious concern for devices already compromised. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
About Google Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Google products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.