The two zero-day vulnerabilities that were being actively exploited include an elevation of privilege flaw in the Android kernel (CVE-2025-38352) and another in the Android Runtime component (CVE-2025 ...