THE Known Exploited Vulnerabilities (KEV) Catalog by CISA serves as an authoritative repository for vulnerabilities actively exploited in the wild, assisting organizations in managing and prioritizing vulnerabilities. The catalog includes specific information about a recent vulnerability, CVE-2025-48595, related to the Android Framework, which has an integer overflow issue that could enable local privilege escalation.
Organizations can contribute new vulnerabilities to the KEV catalog and access the catalog in various formats such as CSV and JSON. Updates on exploited vulnerabilities can be received via subscription.