Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
https://www.theregister.com/2025/12/02/android_0_days/
https://www.bleepingcomputer.com/news/security/google-fixes-two-android-zero-days-exploited-in-attacks-107-flaws/
https://securityaffairs.com/185226/security/googles-latest-android-security-update-fixes-two-actively-exploited-flaws.html
https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html
Source: Mitre, NVD
Published: 2025-12-18
Updated: 2026-01-28
Base Score: 5
Vector: CVSS2#AV:L/AC:L/Au:M/C:C/I:P/A:N
Severity: Medium
Base Score: 6.7
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N
EPSS: 0.00012
