Vulnerability intelligence
CVE-2025-48595
Android Framework
In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
8.4
High
EPSS — Exploit Probability
1.7%
Riskier than 75% of all CVEs
Exploitation
Confirmed in the wild
KEV since 2026-06-02
Remediation
Patch available
Federal deadline 2026-06-05
10 articles across 6 outlets · first covered Jun 2, 2026 · latest Jun 3, 2026
Tracked incidents
Coverage timeline
-
Android Local Privilege Flaw CVE-2025-48595 Exploited in the Wildsocradar.io · Jun 3, 2026
-
CISA warns of active Linux kernel flaw enabling container escapeswww.securityweek.com · Jun 3, 2026
-
CISA Adds Critical Linux and Android Flaws to KEV Catalogsecurityaffairs.com · Jun 3, 2026
-
Google fixes 124 Android bugs, patches active CVE-2025-48595securityaffairs.com · Jun 3, 2026
-
Drupal SQL Injection Exploit: Critical Flaw Exploited in the Wild with Public PoCsecurityonline.info · Jun 3, 2026
-
CISA adds Android Framework flaw CVE-2025-48595 to KEV cataloguewww.cisa.gov · Jun 3, 2026
-
CISA adds Linux kernel CVE-2022-0492 and Android flaw to KEV listsecurityonline.info · Jun 3, 2026
-
CISA Adds CVE-2025-48595 to Known Exploited Vulnerabilities Cataloguecisa.gov · Jun 2, 2026
-
Google patches Android zero day CVE‑2025‑48595 among 124 fixeswww.securityweek.com · Jun 2, 2026
-
Google patches Android zero‑day bug in Qualcomm, MediaTek chipssecurityonline.info · Jun 2, 2026