By Davey Winder
Publication Date: 2026-05-16 12:29:00
Google’s own hackers disclose holy grail of Pixel 10 security vulnerabilities.
dpa/picture alliance via Getty Images
Back in January, the Google hackers known as Project Zero, detailed a zero-click exploit chain for the Pixel 9. Now the same folk, tasked by Google itself to study zero-day vulnerabilities in hardware and software, have disclosed that they were able to write a similar exploit chain for Pixel 10 using what they have labeled the Holy Grail of kernel vulnerabilities. The good news is that the Pixel 10 vulnerability was patched in the February Pixel security bulletin, some 71 days after Project Zero reported it using the Android Vulnerability Rewards Program. Now Project Zero has gone public and told the story of how they did it.
Google Hackers Use Zero-Click Exploit To Escalate Pixel 10 Privileges To Root
“Achieving arbitrary read-write on the kernel with this vulnerability required…

