CISA warns of active attacks exploiting Android, Linux bugs

CISA warns that threat actors are exploiting two high-severity flaws: CVE-2025-48595 (Android Framework integer overflow affecting Android 14–16, enabling privilege escalation with no user interaction and reportedly under limited targeted exploitation) and CVE-2022-0492 (Linux kernel cgroups v1 privilege-escalation allowing container escape to host root across many kernel branches). Both CVEs were added to CISA's KEV, require immediate patching by affected organizations, and have vendor fixes available in recent security updates.