Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.”

About CVE-2025-27363

CVE-2025-27363 is an out-of-bounds write vulnerability in FreeType, an open-source software library that renders fonts (thus, text) onto digital displays (e.g., screens) and is used across many platforms, including Android, iOS, macOS, and Linux. FreeType has been the source of multiple security vulnerabilities over the years, mostly due …

The post Actively exploited FreeType flaw fixed in Android (CVE-2025-27363) appeared first on Help Net Security.