Update Your Android ASAP to Fix These 129 Security Vulnerabilities.
Google released its March Android security bulletin containing fixes for 129 vulnerabilities, one of which is a zero-day vulnerability in a Qualcomm display component that is possibly susceptible to “targeted, limited exploitation.”
The latest update also fixes 10 critical vulnerabilities in Android components. CVE-2026-0006 is a remote code execution vulnerability in the System component that could be exploited by attackers without additional privileges or user interaction. CVE-2025-48631 is a denial of service vulnerability in the System component, and CVE-2026-0047 is a privilege escalation vulnerability in the Framework component. Seven critical privilege escalation vulnerabilities have been fixed in kernel components.
Google is also addressing issues in components from Qualcomm, MediaTek, Arm, Misc OEM, Unisoc, and Imagination Technologies that may not affect all Android devices.
Fixed one zero-day vulnerability.
The zero-day vulnerability addressed by this security update is an integer overflow or loop in a Qualcomm Graphics subcomponent, which allows local attackers to cause memory corruption. The vulnerability, designated CVE-2026-21385, affects 235 Qualcomm chipsets. According to Qualcomm’s own security advisory , the vulnerability was reported on December 18, 2025, by the Google Android security team, and customers were notified on February 2, 2026.
Update your Android as soon as possible.
Android users should install the latest security update as soon as it’s available—you should receive a notification prompting you to do so. Google releases updates for its own Pixel devices and the Android Open Source Project (AOSP) core codebase, while other manufacturers release updates for their devices around the same time. If you have a Samsung, Motorola, or Nokia device, for example, you may experience a slight delay.
There are two patch levels, labeled 2026-03-01 and 2026-03-05, with the latter fixing all issues included in the former. This month’s patches apply to AOSP versions 14, 15, 16, and 16-qpr2. You can check for available updates in Settings > Security & Privacy > System & Updates > Security Update .