Google Vulnerabilities
Comprehensive security vulnerability database for Google products
9
0
21
7
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2025-69279 | 7.5 | This vulnerability allows an attacker to remotely crash an Android device without needing special permissions. It occurs due to a failure to properly check input in the nr modem, which means that simply sending the right kind of data can disrupt the device's operation. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-69278 | 7.5 | This vulnerability allows an attacker to crash an Android device remotely, causing it to stop working properly. It requires no special permissions, meaning anyone can exploit it without needing to be logged in or have access to the device. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-61616 | 7.5 | This vulnerability allows an attacker to crash an Android device remotely, causing it to become unresponsive. It requires no special permissions, meaning anyone can exploit it simply by sending the right input to the device's modem. | googleandroid | Exploit Available | 29 days agoMar 9, 2026 |
| CVE-2025-61615 | 7.5 | This vulnerability allows an attacker to crash an Android device remotely, causing it to stop working properly. It can happen without needing any special permissions, simply by sending the device improper data. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-61614 | 7.5 | This vulnerability allows an attacker to remotely crash an Android device without needing special permissions, effectively causing a denial of service. It occurs due to the device not properly checking the input it receives, which can be exploited under certain conditions. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-61613 | 7.5 | This vulnerability allows an attacker to remotely crash an Android device without needing special permissions, causing a denial of service. It occurs due to the system not properly checking the input it receives, which can be exploited by sending malformed data to the modem. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2025-61612 | 7.5 | This vulnerability allows an attacker to remotely crash an Android device, causing it to stop working properly. It can be exploited without needing any special permissions, simply by sending malformed data to the device's modem. | googleandroid | Theoretical | 29 days agoMar 9, 2026 |
| CVE-2026-3136 | 8.6 | A remote attacker could execute arbitrary code in the build environment of Google Cloud Build due to improper authorization in the GitHub Trigger Comment Control feature. This vulnerability affected versions released before January 26, 2026, but it has since been patched, so no action is needed from users. | googlecloud build | Exploit Available | about 1 month agoMar 3, 2026 |
| CVE-2026-20416 | 7.2 | This vulnerability allows an attacker with system-level access on an Android device to gain higher privileges, potentially letting them take control of the device. The attacker does not need any user interaction to exploit this flaw, but they must already have system privileges to start with. | googleandroid | Exploit Available | about 1 month agoMar 2, 2026 |
About Google Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Google products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.