Cve-2025-48595

vulnerabilities 2026-06-03
Android Framework Zero-Day CVE-2025-48595: Silent Privilege Escalation Under Active Attack
CVE-2025-48595 is a high-severity integer overflow in the Android Framework that escalates privilege with no user interaction and no special permissions. Google confirms limited, targeted exploitation; CISA added it to KEV on June 2 with a June 5 federal deadline. Affects Android 14, 15, 16, and 16 QPR2.
android zero-day cve-2025-48595 privilege-escalation integer-overflow mobile-security cisa-kev cvss-8.4

Android Framework Zero-Day CVE-2025-48595: Silent Privilege Escalation Under Active Attack