Google Patches Android’s Critical Flaw Already Under Attack

Here’s a little heads-up for all you mobile aficionados out there. Google has just published its May 2025 Android security bulletin, and it’s packed with fixes for a whopping 46 security vulnerabilities found on Android. That’s a lot of digital patching to keep our devices safe and sound. However, there’s a dark side: one of the vulnerabilities has already been exploited.
There’s one particular fix in this update that’s got our attention, and for good reason. Google has confirmed that one of these security flaws has actually been exploited in the wild. The vulnerability in question is tracked as CVE-2025-27363. It got a CVSS severity score of 8.1, which is considered high. According to Google, this issue sits in the “System” component of Android. What makes it particularly concerning is that it could allow for local code execution without needing any additional privileges.
Android’s May 2025 security update fixes a vulnerability that was being exploited
In plain English, this means that if someone managed to exploit this flaw on your device, they could potentially run malicious code without needing to trick you into doing anything out of the ordinary. As Google themselves stated in their advisory, “User interaction is not needed for exploitation.”
Interestingly, tech giant Meta (the folks behind Facebook) had actually disclosed this very same vulnerability back in March 2025. The company noted that it was being exploited in the wild at that time. It turns out that CVE-2025-27363 is rooted in FreeType, the same open-source font rendering library that Meta was referring to a couple of months ago. Google has addressed this issue in Android’s May 2025 security update by moving to versions of FreeType newer than 2.13.0.
The exact details of these attacks are still under wraps. However, Google did acknowledge in their security bulletin that “There are indications that CVE-2025-27363 may be under limited, targeted exploitation.”
Other fixes included
Beyond this critical exploited vulnerability, Google’s May update also tackles a bunch of other potential problems. This includes fixing eight additional flaws in the core Android system. There are fixes for another 15 vulnerabilities in the Framework module. These other fixes aim to prevent things like privilege escalation (where an app gains more access than it should), information disclosure (where sensitive data could be leaked), and denial of service (where your device could be made unusable).