CVE-2025-48595: Android Framework

What is CVE-2025-48595?

In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS8.4 NVD 3.1

SeverityHIGH

Exploitation In the wild In CISA KEV

EPSS1% · P68

Triage statusActive Exploit

ActionPatch immediately

CVSS vectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWECWE-190

NVD published2026-06-01

NVD last modified2026-06-02

CISA Known Exploited Vulnerability

Android Framework Integer Overflow Vulnerability

Added to KEV2026-06-02

Federal patch deadline2026-06-05

Known ransomware useUnknown

Affected product

Android Framework

Remediation Steps

Apply the vendor security update for Google Android as a priority.
Restrict network exposure of the affected service to trusted sources until patched.
Review logs and detections for indicators of exploitation.
Confirm fixed versions against the official vendor advisory before deploying.

References

Coverage on defend.network

Vulnerability Priority Report – Week 2 of June 2026 (June 8 – 14)
Vulnerability Priority Report – Week 1 of June 2026 (June 1 – 7)
Android, WinRAR, WordPress Kirki: Three critical zero-days under active exploitation (2026-06-03)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.