Vulnerability detail
Enriched intelligence for a single CVE
High
CVE-2025-48595
PUBLISHEDIn multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of...
6 hours faster than CISA KEV
- Vendor
- Product
- Android
- Published
- Jun 01, 2026
- EPSS
- 0.5% · 68% pctl
Automate this intelligence with the Pro API
Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.
Description
In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Weaknesses (CWE)
-
Integer Overflow or Wraparound
CVSS scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitation status
Exploited in the wild
Recorded 2026-06-02 12:15:00 UTC · KEVIntel
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| KEVIntel First | 2026-06-02 12:15 UTC |
| CyberInsider | 2026-06-02 14:20 UTC |
| The Shadowserver (via CIRCL) | 2026-06-02 18:00 UTC |
| CISA | 2026-06-02 18:00 UTC |
| All CISA Advisories | 2026-06-02 19:21 UTC |
| TheHackerNews | 2026-06-02 20:20 UTC |
| CVE | 2026-06-02 21:40 UTC |
Recent mentions
TheHackerNews · Jun 02, 2026
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation. Tracked as CVE-2025-48595 (CVSS score: 8.4), the security flaw has been described as a case of privilege escalation without requiring any user interaction. The
All CISA Advisories · Jun 02, 2026
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2022-0492 Linux Kernel Improper Authentication Vulnerability CVE-2025-48595 Android Framework Integer Overflow Vulnerability These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CyberInsider · Jun 02, 2026
Google has released the June 2026 Android security updates, addressing dozens of vulnerabilities across the mobile operating system, including a high-severity zero-day flaw that is under active, targeted exploitation. The update also fixes multiple critical privilege-escalation and denial-of-service vulnerabilities affecting core Android components. The actively exploited vulnerability is tracked as CVE-2025-48595, an elevation-of-privilege (EoP) flaw … The post Android June 2026 update patches actively exploited zero-day appeared first on CyberInsider.
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel
-
KEV confirmed by CyberInsider
-
KEV confirmed by The Shadowserver (via CIRCL)
-
KEV confirmed by CISA
-
KEV confirmed by All CISA Advisories
-
KEV confirmed by TheHackerNews
-
KEV confirmed by CVE