Critical Remote Code Execution Vulnerability Patched in Android

Google announced on Monday the release of an Android update patching a critical vulnerability that can be exploited for remote code execution.

The flaw, tracked as CVE-2026-0073, affects Android’s System component, allowing an attacker to exploit it to execute code as the shell user without additional execution privileges. User interaction is not required for exploitation. 

The advisory reveals that the issue impacts ‘adbd’ (Android Debug Bridge daemon), a background process running on Android devices that manages communication between the device and a computer, facilitating debugging and shell access.

Google has informed users that no patches have been released this month for Wear OS, Pixel Watch, Android XR, and Android Automotive. 

There is no indication that CVE-2026-0073 has been exploited in malicious attacks.

Only one Android vulnerability patched this year has been flagged as exploited in the wild. 

Several flaws were exploited in attacks last year, including CVE-2024-43093, CVE-2024-50302, CVE‑2025‑27038, CVE-2025-48543, and CVE-2025-38352.

Google announced last week that it has significantly increased maximum bug bounty payouts for Android device vulnerabilities, offering up to $1.5 million for a zero-click Pixel Titan M exploit with persistence.

Related: Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users

Related: Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Related: Severe StrongBox Vulnerability Patched in Android