Xiaomi empieza a lanzar el parche de seguridad de junio de 2026 para los primeros dispositivos

Xiaomi has begun rolling out the June 2026 Android security patch to its first devices. The update is now available for some Xiaomi and Redmi models in China and the EEA, confirming that the company has started publicly distributing the latest monthly security updates. The first confirmed HyperOS 3 releases include the Xiaomi 15 Pro, Xiaomi 15 Ultra, Xiaomi 15T Pro, Redmi K70 Ultra, and Xiaomi 14T Pro.

The new update focuses primarily on system security, rather than visible interface changes. According to Google’s June 2026 Android Security Bulletin, this month’s patch includes significant fixes for the Android framework, system, kernel, chipset, modem, GPU, and vendor-level components. Google also notes that a vulnerability may already be the target of a limited and targeted attack, making this update more important than a typical monthly patch.

First Xiaomi devices to receive the June 2026 security patch

The June 2026 security patch has begun rolling out to the first batch of eligible Xiaomi devices . The rollout currently includes versions for China and the EEA Global region. These updates are based on HyperOS 3 and bring the June 2026 Android security patch level to select flagship and performance-focused models.

• Xiaomi 15 Pro — China — OS3.0.304.0.WOBCNXM — June 1st Security Patch
• Xiaomi 15 Ultra — China — OS3.0.306.0.WOACNXM — June 1st Security Patch
• Xiaomi 15T Pro — EEA Global — OS3.0.304.0.WOSEUXM — June 1st Security Patch
• Xiaomi 14T Pro — EEA Global — OS3.0.302.0.WNNEUXM — June 1st Security Patch

This initial rollout shows that Xiaomi has already begun integrating the latest Android security patches from Google into public versions of HyperOS. More Xiaomi, Redmi, and POCO devices are expected to receive the same monthly security patch in the coming days and weeks.

Xiaomi OTA Update Planned Changelog

Xiaomi typically keeps the changelogs for monthly security updates very brief. Users who receive this update may see a simple changelog similar to the following:

• Android security patch updated to June 2026.
• System security has been increased.
• The overall stability of the system has been improved.

Although the OTA changelog may seem brief, the actual security content behind this update is much more extensive. The June 2026 Android Security Bulletin includes multiple critical and high-severity vulnerabilities affecting core Android components and manufacturer-level hardware.

What has changed?

The June 2026 Android security patch focuses on fixing vulnerabilities in the Android framework, system, kernel, and manufacturer components. These improvements help protect devices against privilege escalation, denial-of-service attacks, information disclosure, and other high-risk security issues.

• Critical vulnerabilities in the Android Framework have been fixed.
• Multiple vulnerabilities in Android system components have been corrected.
• Protection against remote privilege escalation risks has been improved.
• Protection against the risks of escalating local privileges has been improved.
• Denial-of-service vulnerabilities have been fixed.
• Information disclosure vulnerabilities have been resolved.
• Security improvements have been added at the Android kernel level.
• Qualcomm security patches have been added.
• MediaTek security patches have been added.
• The overall security of the Android platform on HyperOS devices has been improved.

Android framework fixes

One of the most important parts of this update relates to the Android framework component. Google states that the most serious vulnerability in this section could allow remote privilege escalation without requiring additional execution privileges. No user interaction is required for exploitation, making this fix especially important for Android users.

• CVE-2025-65018 — A critical privilege escalation vulnerability has been patched.
• CVE-2025-64720 — Critical denial-of-service vulnerability fixed.
• CVE-2025-48595 — High severity privilege escalation vulnerability fixed.

Google also notes that CVE-2025-48595 may be subject to limited and selective exploitation. This makes the June 2026 patch more important than a regular monthly security update, especially for users who want the latest protection against known Android security risks.

Android system component fixes

The Android system components also received many important security fixes. The most serious issue in this section could allow local privilege escalation without requiring additional execute privileges. No user interaction is needed for exploitation.

• CVE-2026-0043 — Critical system vulnerability corrected.
• CVE-2026-0097 — Critical system vulnerability corrected.
• CVE-2026-21352 — Critical system vulnerability fixed.
• CVE-2026-21353 — Critical system vulnerability fixed.
• CVE-2025-64505 — Critical denial-of-service vulnerability fixed.
• CVE-2026-0039 — Vulnerabilidad crítica de denegación de servicio solucionada.
• CVE-2026-0040 — Vulnerabilidad crítica de denegación de servicio solucionada.
• CVE-2026-0041 — Vulnerabilidad crítica de denegación de servicio solucionada.
• CVE-2026-0042 — Vulnerabilidad crítica de denegación de servicio solucionada.
• CVE-2026-0044 — Vulnerabilidad crítica de denegación de servicio solucionada.
• CVE-2026-0051 — Vulnerabilidad crítica de denegación de servicio corregida.
• CVE-2026-0052 — Vulnerabilidad crítica de denegación de servicio corregida.
• CVE-2026-0080 — Se ha solucionado una vulnerabilidad crítica de denegación de servicio.

Estas correcciones mejoran la protección contra riesgos de escalada de privilegios, denegación de servicio, divulgación de información y ejecución remota de código en dispositivos con Android.

Nivel de parche del 1 de junio de 2026 frente al del 5 de junio de 2026

El Boletín de seguridad de Android de junio de 2026 se divide en dos niveles de parches. Esta distinción es importante porque algunos dispositivos pueden recibir el nivel de parches del 1 de junio de 2026, mientras que otros pueden recibir el nivel de parches más completo del 5 de junio de 2026, dependiendo de la integración del fabricante y del calendario de implementación.

Nivel de parche de seguridad del 1 de junio de 2026

• Incluye correcciones de seguridad del marco de Android.
• Incluye correcciones de los componentes del sistema Android.
• Incluye correcciones de actualizaciones del sistema de Google Play.
• Aborda vulnerabilidades fundamentales de la plataforma Android.
• Se aplica a las versiones compatibles de Android 14, Android 15, Android 16 y Android 16 QPR2.

5 de junio de 2026 Nivel de parche de seguridad

• Incluye todas las correcciones de seguridad del 01/06/2026.
• Añade parches de seguridad del kernel de Android.
• Añade correcciones de seguridad de componentes de Qualcomm.
• Añade correcciones de componentes de código cerrado de Qualcomm.
• Añade correcciones para el módem, el precargador y Geniezone de MediaTek.
• Añade correcciones de seguridad para el módem de Unisoc.
• Añade correcciones de seguridad para la GPU Imagination PowerVR.

Las primeras actualizaciones de Xiaomi mencionadas arriba muestran el nivel de parche del 1 de junio. Esto significa que se centran principalmente en el contenido del parche de seguridad de Android del 1 de junio de 2026.

Mejoras de seguridad a nivel de fabricante

El parche completo de junio de 2026 también incluye varias correcciones de seguridad a nivel de proveedor. Estas actualizaciones son importantes para los dispositivos Xiaomi, Redmi y POCO, ya que Xiaomi utiliza las plataformas Qualcomm Snapdragon y MediaTek Dimensity en muchos de sus modelos.

• Kernel: A high-severity vulnerability in the Net subcomponent has been fixed.
• Qualcomm: Vulnerabilities in the Display component have been fixed.
• Qualcomm Closed Source Components: Several critical and high-severity vulnerabilities have been fixed.
• MediaTek: Security issues have been resolved in the modem, pre-charger, and Geniezone.
• GPU Imagination PowerVR: Multiple high-severity vulnerabilities in the GPU have been fixed.
• Unisoc: Multiple modem-related security vulnerabilities have been resolved.

Why this update is important for Xiaomi users

The June 2026 security patch may not bring new HyperOS features, but it strengthens the security foundation of Xiaomi devices. For users, this means better protection against known Android vulnerabilities and greater platform-level security.

• Improves the overall security of the device.
• It solves critical Android framework problems.
• It fixes multiple Android system vulnerabilities.
• Improves protection against known security threats.
• It may include major chipset-level fixes, depending on the patch level.
• It is recommended for all Xiaomi, Redmi and POCO users who meet the requirements.

How to download the update

You can check for a new update directly from your device settings. Since Xiaomi releases OTA updates in phases, availability may vary depending on the model, region, and deployment batch.

• Open Settings .
• Tap «About phone «.
• Open «HyperOS Version «.
• Tap Check for updates .

If the update isn’t available yet, you may have to wait for the OTA to reach your device or region. Xiaomi typically rolls out monthly security updates gradually in China, the rest of the world, the EEA, India, Turkey, Indonesia, Taiwan, and other regional versions.

More devices will receive it soon.

The rollout has begun with select Xiaomi and Redmi models, but more devices are expected to receive the June 2026 security patch soon. Flagship models typically receive new monthly patches first, followed by mid-to-high-end models and wider regional releases.

• More versions of the Xiaomi 15 series may follow soon.
• It is possible that more models from the Xiaomi 14 and Xiaomi 14T series will receive the patch later.
• Other Redmi and POCO devices are expected to join the launch gradually.
• Regional availability may vary between the China, Global, EEA, India, Türkiye, Indonesia, and Taiwan versions.