If you own a OnePlus phone, there's something you should know. A serious security flaw has been discovered that could let malicious apps sneakily read your text messages. This vulnerability, uncovered by cybersecurity experts at Rapid7, affects numerous OnePlus phones running different versions of Oxygen OS.

Imagine someone secretly reading all your texts, including those sensitive 2-factor authentication codes we all rely on! The issue, known as CVE-2025-10184, allows malicious apps to access your SMS and MMS data without you even knowing. That means hackers could potentially spy on your private conversations or bypass security measures.

Rapid7 confirmed the vulnerability on OnePlus 8T and 10 Pro models running Oxygen OS 12, 14, and 15. Since it affects a core Android system, experts warn it could impact other OnePlus devices running those Oxygen OS versions. To make matters worse, Rapid7 had trouble reporting the bug to OnePlus initially due to restrictive disclosure terms, leading them to go public with the information.

OnePlus has acknowledged the problem and says a fix is coming in October. Until then, if you're using OxygenOS 12 or newer, you're at risk. So, what can you do? The best thing is to avoid installing apps from sources you don't fully trust. Be extra careful about what you download until the update arrives.