Actively exploited vulnerability

CVE-2025-48595: Android Framework Integer Overflow Vulnerability

Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation.

CISA KEV source 2 Jun 2026 added 5 Jun 2026 remediation due

Affected product

Android · Framework

Known ransomware use: Unknown

Required action

Follow the source advisory and validate exposure in your environment.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Related Yasna coverage

Recent reporting that mentions CVE-2025-48595.

Security Affairs3 Jun 2026

Google Patches Actively Exploited Android Flaw Affecting Millions of Devices

Google fixed 124 Android flaws, including CVE-2025-48595, an actively exploited privilege escalation bug linked to targeted attacks. Google has released its June 2026 Android security updates, fixing 124 vulnerabilities across the mobile operating system. One flaw, tracked as CVE-2025-48595 (CVSS score of 8.4) stands out from the rest because it is already being exploited in […]