CISA adds actively exploited Android and Linux kernel flaws to KEV catalog, mandates federal patching by June 5
By BleepingComputer
Summary
CISA has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2025-48595 in the Android Framework (affecting Android 14 through 16) and CVE-2022-0492 in the Linux kernel (enabling container escape and root access). Both are under active exploitation, with federal agencies required to patch by June 5. The Android flaw requires no user interaction to exploit.
Key quotes
CISA has added CVE-2025-48595 in the Android Framework and CVE-2022-0492 in the Linux kernel to its Known Exploited Vulnerabilities catalog after evidence of exploitation.
The Android flaw affects Android 14 through 16 and the Linux issue can enable container escape and root access on affected systems, with federal patching required by June 5.
The Android Framework flaw affects Android 14 through 16 and needs no user interaction.
