CISA Adds Two Known Exploited Vulnerabilities to Catalog
Summary
CISA has added two vulnerabilities, CVE-2022-0492 and CVE-2025-48595, to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. These vulnerabilities, which affect the Linux Kernel and the Android Framework, respectively, are identified as significant risks to the federal enterprise and are frequently used by malicious actors.
IFF Assessment
The addition of newly exploited vulnerabilities to CISA's KEV catalog signifies an increased threat to organizations, as these vulnerabilities are actively being leveraged by adversaries.
Severity
CISA KEV: Listed as actively exploited. Federal patch due: June 05, 2026. Known ransomware use: Unknown.
Defender Context
Organizations should prioritize patching or mitigating CVE-2022-0492 and CVE-2025-48595, because both are actively exploited and present a significant risk. Inclusion in the KEV catalog indicates that these vulnerabilities are a high priority for attackers, and defenders should treat them as such in their vulnerability management programs.