Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA KEV remediation for Android and Linux vulnerabilities

Advisory/Mitigation
First reported
Last updated
Happening score
H score 57
1 unique sources, 1 articles

Summary

Hide ▲

CISA’s KEV update forced federal agencies to remediate CVE-2025-48595 and CVE-2022-0492 in Android and the Linux kernel before the June 5 deadline, or stop using the affected software. The directive turns the two flaws into an immediate compliance and exposure issue for government environments.

Related Happenings

CISA KEV catalog addition for SonicWall SMA 1000 flaws

Public Sector Action
H score34 First: 15.07.2026 08:30 Last: 15.07.2026 08:30 Sources 1

About this happening: CISA added CVE-2026-15409 and CVE-2026-15410 affecting SonicWall SMA 1000 appliances to the KEV catalog, turning the flaws into a federal remediation priority for...

CISA KEV directive for Joomla extension flaws

Public Sector Action
H score36 First: 13.07.2026 18:20 Last: 13.07.2026 18:20 Sources 1

About this happening: CISA added the Joomla extension flaws to the KEV catalog and ordered federal agencies to apply updates or mitigations within three days, tightening remediation tim...

CISA BOD 26-04 three-day remediation directive

Public Sector Action
H score36 First: 24.06.2026 17:35 Last: 24.06.2026 17:35 Sources 1

About this happening: CISA's BOD 26-04 requires federal agencies to apply available security updates or vendor-recommended mitigations within three days, accelerating remediation for acti...

Android Framework code execution and privilege escalation flaw (CVE-2025-48595)

Vulnerability
H score40 First: 02.06.2026 14:10 Last: 02.06.2026 14:10 Sources 1

How related: The most recent flaw the agency added to its Known Exploited Vulnerabilities (KEV) catalog, CVE-2025-48595, is a high-severity integer overflow vulnerability in the Android Framework, which can be leveraged for increased privileges.

About this happening: Google's June 2026 Android security patches now cover CVE-2025-48595, an actively exploited Android Framework flaw that can lead to code execution and privilege...

Google security patch release for CVE-2025-48595

Security Patch Release
H score45 First: 02.06.2026 14:10 Last: 02.06.2026 14:10 Sources 1

How related: The issue has been addressed with the release of June 2026 security patches (2026-06-01 and 2026-06-05 security patch levels).

About this happening: Google's June 2026 Android security patches address 124 vulnerabilities, including an actively exploited zero-day. The release ships as the 2026-06-01 and 2026-0...

Timeline

  1. 03.06.2026 18:36 2 articles · 1mo ago

    CISA adds Android and Linux vulnerabilities to KEV

    Legal Policy Action Update

    CISA warns that hackers are exploiting CVE-2025-48595 in the Android Framework and CVE-2022-0492 in the Linux kernel, and adds both flaws to the Known Exploited Vulnerabilities catalog. Federal agencies bound by BOD 22-01 must apply vendor-provided security updates and mitigations, or stop using the impacted software, by June 5. Google says CVE-2025-48595 may be under limited targeted exploitation in the wild, affects Android 14 through 16, requires no user interaction, and was addressed in June 2026 security patches.

    Show sources