Android studio
This hub aggregates every CVE we track for Android studio, a product in the mobile apps space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 73
- Critical: 5
- High: 29
- In CISA KEV: 0
Severity distribution
MEDIUM 35, HIGH 29, CRITICAL 5, LOW 4
Monthly trend
2024-07 to 2026-06: 1, 0, 1, 3, 0, 0, 0, 7, 0, 0, 2, 0, 1, 1, 4, 10, 0, 2, 5, 1, 0, 0, 0, 0
Latest CVEs
The 15 most recently published vulnerabilities affecting Android studio.
- CVE-2026-1703: Limited path traversal when installing wheel archives (3.5)
- CVE-2026-24400: AssertJ has XML External Entity (XXE) vulnerability when parsing untrusted XML via isXmlEqualTo assertion (7.3)
- CVE-2026-21945: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java... (7.5)
- CVE-2026-21933: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Ja... (6.1)
- CVE-2026-21932: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: AWT, JavaFX). Supported versions that are affected are Oracle J... (7.4)
- CVE-2026-21925: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: RMI). Supported versions that are affected are Oracle Java SE: ... (4.8)
- CVE-2025-67735: Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoder (6.5)
- CVE-2025-66453: Rhino vulnerable high CPU usage and potential DoS when passing specific numbers to toFixed() function (7.5)
- CVE-2025-61748: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Jav... (3.7)
- CVE-2025-53066: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE:... (7.5)
- CVE-2025-53057: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java... (5.9)
- CVE-2025-59419: Netty netty-codec-smtp SMTP Command Injection Vulnerability Allowing Email Forgery (5.3)
- CVE-2025-59734: Heap-buffer-overflow write in FFmpeg SANM process_ftch (6.4)
- CVE-2025-59733: Heap-buffer-overflow write in FFmpeg EXR dwa_uncompress (6.5)
- CVE-2025-59732: Heap-buffer-overflow write in FFmpeg EXR dwa_uncompress (6.4)
Product normalization is registry-driven with AI assist and human review.