Synced 16 Jun 2026 15:24 UTC Account
← All products

Android

Google · Operating system
↻ RSS feed
Monitors Android and tailors your dashboard to that exact version.
all versions85/100 Good

Summary iPlain-English security verdict for Android, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.

Android currently scores 85/100 — good. 14 actively-exploited vulnerabilities (CISA KEV) affect older releases (e.g. CVE-2011-0611) — staying on the latest supported version keeps you clear of them. It's largely safe; apply minor updates as they appear. Note: this product is assessed at the product level on recent (365-day) activity rather than an exact per-version match, so it is never marked a confident "healthy".

Disclosure trend iNew CVEs published for Android each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.

'19
'20
'21
'22
'23
'24
'25
'26

1 of its known vulnerability is linked to ransomware campaigns (CISA KEV).

Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.

Most urgent first — actively exploited, then likeliest to be exploited.

CVE-2011-0611 HIGH exploited CWE-843 EPSS 99% → see advisory CVE-2012-0754 HIGH exploited Out-of-bounds write EPSS 92% → see advisory CVE-2015-8651 HIGH exploited Integer overflow EPSS 68% → see advisory CVE-2011-0609 HIGH exploited EPSS 67% → see advisory CVE-2016-0984 HIGH exploited Use-after-free EPSS 55% → see advisory CVE-2011-1823 HIGH exploited Integer overflow EPSS 42% → fixed in 2.3.4 CVE-2017-5030 HIGH exploited Out-of-bounds read EPSS 42% → see advisory CVE-2016-5198 HIGH exploited Out-of-bounds write EPSS 35% → see advisory CVE-2017-5070 HIGH exploited CWE-843 EPSS 31% → see advisory CVE-2014-0502 HIGH exploited Double free EPSS 24% → see advisory CVE-2016-1019 CRITICAL exploited ransomware EPSS 22% → see advisory CVE-2016-1010 HIGH exploited Integer overflow EPSS 20% → see advisory

See all 2000 known Android CVEs & security history →

Get alerted about Android

Be emailed the moment Android gets a newly exploited vulnerability (CISA KEV) or a release reaches end of life. Free · double opt-in · unsubscribe anytime.

We email only on real events for Android — no marketing, no sharing, and we never know what you run. Track your whole stack →

Monitor up to 200 products — freeHit ☆ Monitor on anything you run, then sign in (no password) to sync your stack across devices and unlock smart insights, risk history & CSV/JSON exports. Sign in free →

Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.

How long each Android release line is supported — and when it sunsets.

Mar2'26 Android 13ended 2026-03-02
Mar3'25 Android 12.1ended 2025-03-03
Mar3'25 Android 12ended 2025-03-03
Feb5'24 Android 11ended 2024-02-05
Mar6'23 Android 10ended 2023-03-06
Jan1'22 Android 9ended 2022-01-01
Jan10'21 Android 8.1ended 2021-01-10
Jan1'21 Android 8.0ended 2021-01-01
Oct1'19 Android 7.1ended 2019-10-01
Oct1'19 Android 7.0ended 2019-10-01
Aug1'18 Android 6.0ended 2018-08-01
Mar1'18 Android 5.1ended 2018-03-01

Full Android end-of-life dates & support timeline →

16 latest — Supported
15 latest — Supported
14 latest — Supported
13 latest — End of life ended 2026-03-02
12.1 latest — End of life ended 2025-03-03
12 latest — End of life ended 2025-03-03
11 latest — End of life ended 2024-02-05
10 latest — End of life ended 2023-03-06
9 latest — End of life ended 2022-01-01
8.1 latest — End of life ended 2021-01-10
See all upcoming end-of-life dates →

Frequently asked

Is Android safe and patched?

Android currently scores 85/100 — good. 14 actively-exploited vulnerabilities (CISA KEV) affect older releases (e.g. CVE-2011-0611) — staying on the latest supported version keeps you clear of them. It's largely safe; apply minor updates as they appear. Note: this product is assessed at the product level on recent (365-day) activity rather than an exact per-version match, so it is never marked a confident "healthy".

What should I do about Android now?

Review the patch-priority list, apply the available fixes (or move to the latest release), and confirm against Google's official advisory. Some issues are under active exploitation, so treat this as urgent.

Which versions of Android are still receiving security updates?

Supported Android release lines: 16, 15, 14. End-of-life releases no longer receive security patches.

product-level posture (last 365d); exact per-version verdict pending precise version mapping

Latest security news for Android BETA

Attributed third-party reporting linked to Android — newest first. We surface and link the source; we don’t assert our own findings. About Emerging →

Reported New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet FundsThe Hacker News · 16 Jun 2026 · medium confidence Reported Yarbo Android/iOS Mobile Application and Cloud InfrastructureCISA Advisories · 11 Jun 2026 · medium confidence

More across all tracked software on the Emerging feed →

Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Google's official advisory before you patch or upgrade — Android official site ↗