Google’s Security may be updated It is released for Android, and includes improvement for 46 security flaws, in which the company says that the wild has been actively exploited.
Google says the vulnerability is limited, being tracked as targeted exploitation Cve-2025-27363 And there is a CVSS score of 8.1 which makes it a defect of high-seriousness.
This defect is in the system component and no user interaction is required for exploitation. It lies in an open-source font rendering library, and writes a type of type of out-by-bound, which can cause code execution when the Truetype GX or variable font files are ponds. Due to its location, it can lead to local code execution without the need of any additional privileges.
The CVE-2025-27363 was first revealed by Facebook in March 2025, but now it has been removed more than 2.13.0 in the Freetyp versions. Other flaws in May Android updates include eight weaknesses in Android systems and 15 in framework modules, which can be used for privilege increase, information disclosure or denial or DDOS attacks.
Google has said in security update that exploitation of these issues is more difficult than increase in new versions of Android platforms, and the company encourages all users to update the latest version of Android where possible. They also encourage users to use Google Play Protects so that they get information about potentially dangerous apps.
