Remote Privilege Escalation in Android Launchers
CVE-2025-48626

Currently unrated

Key Information:

Vendor

Google
Status
Android
Vendor
CVE Published:
8 December 2025

What is CVE-2025-48626?

A vulnerability exists in the Android Launcher that allows an attacker to launch applications from the background due to a failure in precondition checks. This flaw can be exploited to escalate privileges without requiring any user interaction, making it a significant security concern for users of affected versions of the Android Launcher. Attackers could potentially manipulate the system to execute unauthorized commands or access sensitive data. The issue highlights the importance of rigorous security protocols in application design to prevent unauthorized access.

Affected Version(s)

Android 16

Android 15

Android 14

References

https://android.googlesource.com/platform/packages/apps/L...
https://android.googlesource.com/platform/frameworks/base...
https://source.android.com/security/bulletin/2025-12-01

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-48626 : Remote Privilege Escalation in Android Launchers