CISA KEV remediation for Android and Linux vulnerabilities
Advisory/Mitigation
Summary
Hide ▲
Show ▼
CISA’s KEV update forced federal agencies to remediate CVE-2025-48595 and CVE-2022-0492 in Android and the Linux kernel before the June 5 deadline, or stop using the affected software. The directive turns the two flaws into an immediate compliance and exposure issue for government environments.
Related Happenings
Android Framework code execution and privilege escalation flaw (CVE-2025-48595)
Vulnerability
First: 02.06.2026 14:10
Last: 02.06.2026 14:10
Sources 1
How related:
The most recent flaw the agency added to its Known Exploited Vulnerabilities (KEV) catalog, CVE-2025-48595, is a high-severity integer overflow vulnerability in the Android Framework, which can be leveraged for increased privileges.
About this happening:
Google's **June 2026 Android security patches** now cover **CVE-2025-48595**, an **actively exploited Android Framework** flaw that can lead to **code execution** and **privilege...
Android Framework code execution and privilege escalation flaw (CVE-2025-48595)
VulnerabilityHow related: The most recent flaw the agency added to its Known Exploited Vulnerabilities (KEV) catalog, CVE-2025-48595, is a high-severity integer overflow vulnerability in the Android Framework, which can be leveraged for increased privileges.
About this happening: Google's **June 2026 Android security patches** now cover **CVE-2025-48595**, an **actively exploited Android Framework** flaw that can lead to **code execution** and **privilege...
Google security patch release for CVE-2025-48595
Security Patch Release
First: 02.06.2026 14:10
Last: 02.06.2026 14:10
Sources 1
How related:
The issue has been addressed with the release of June 2026 security patches (2026-06-01 and 2026-06-05 security patch levels).
About this happening:
Google's **June 2026 Android security patches** address **124 vulnerabilities**, including an **actively exploited zero-day**. The release ships as the **2026-06-01** and **2026-0...
Google security patch release for CVE-2025-48595
Security Patch ReleaseHow related: The issue has been addressed with the release of June 2026 security patches (2026-06-01 and 2026-06-05 security patch levels).
About this happening: Google's **June 2026 Android security patches** address **124 vulnerabilities**, including an **actively exploited zero-day**. The release ships as the **2026-06-01** and **2026-0...
CISA orders FCEB patching for CVE-2026-9082
Public Sector Action
First: 26.05.2026 11:46
Last: 26.05.2026 11:46
Sources 1
About this happening:
**CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...
CISA orders FCEB patching for CVE-2026-9082
Public Sector ActionAbout this happening: **CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector Action
First: 08.05.2026 10:45
Last: 08.05.2026 10:45
Sources 1
About this happening:
**CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector ActionAbout this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector Action
First: 03.05.2026 09:26
Last: 03.05.2026 09:26
Sources 1
About this happening:
CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector ActionAbout this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
Timeline
-
03.06.2026 18:36 2 articles · 3h ago
CISA adds Android and Linux vulnerabilities to KEV
Legal Policy Action UpdateCISA warns that hackers are exploiting CVE-2025-48595 in the Android Framework and CVE-2022-0492 in the Linux kernel, and adds both flaws to the Known Exploited Vulnerabilities catalog. Federal agencies bound by BOD 22-01 must apply vendor-provided security updates and mitigations, or stop using the impacted software, by June 5. Google says CVE-2025-48595 may be under limited targeted exploitation in the wild, affects Android 14 through 16, requires no user interaction, and was addressed in June 2026 security patches.
Show sources
- CISA warns of active attacks exploiting Android, Linux bugs — www.bleepingcomputer.com — 03.06.2026 18:36
- CISA warns of active attacks exploiting Android, Linux bugs — www.bleepingcomputer.com — 03.06.2026 18:36