Google has patched a critical remote code execution vulnerability in Android's System component, tracked as CVE-2026-0073, that affects the Android Debug Bridge daemon and can be exploited without user interaction. The flaw allows attackers to execute code as the shell user without needing additional privileges, though there's no indication it has been exploited in the wild yet. In related news, Google has significantly boosted its Android bug bounty program, now offering up to one point five million dollars for certain zero-click exploits.