Android Zero‑Click RCE via Wireless Debugging | CVE‑2026‑0073

追加: 2026-05-16

[00:00:00]What if your Android device could give someone on the same network a full control without you touching the phone at all?

[00:00:06]No app, no links. This is possible because of security issue in a wireless debugging that was disclosed last week.

[00:00:14]It allows attackers to bypass authentication and get access to device.

[00:00:18]I've tested it myself, not just on smartphone and tablet, but also on Google Chromecast TV and even Android smartwatches. Google rates this as critical and can lead to remote code execution without no user interactions, also known as zero-click. And it's not that radical. A working exploit is already public. You don't need a big setup, either. Even small portable devices can do this, such as NetHunter or UConsole. And yes, even if device is locked. The device shows a notification, but by then the connection is already there. If you are a developer or transfer files over wireless ADB, this is something you should know and keep your device updated. I have shared a full breakdown on my blog and complete explanation on YouTube. So, feel free to check it out and stay safe, stay updated.