VYPR
Vypr IntelligenceAI-generatedJun 2, 2026· 1 CVE

Google CVE-2025-48595 Added to CISA KEV Under Active Exploitation

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Google vulnerability, CVE-2025-48595, to its Known Exploited Vulnerabilities catalog following evidence of active exploitation in the wild.

Key findings

  • CISA added Google vulnerability CVE-2025-48595 to its Known Exploited Vulnerabilities catalog on June 2, 2026.
  • The flaw is confirmed to be actively exploited in the wild, posing an immediate risk to unpatched systems.
  • There are currently no public indications linking this specific vulnerability to ransomware campaigns.
  • Organizations are urged to apply Google's official security updates immediately to mitigate potential exposure.

The Cybersecurity and Infrastructure Security Agency (CISA) added a security vulnerability affecting Google software, designated as CVE-2025-48595, to its Known Exploited Vulnerabilities (KEV) catalog on June 2, 2026. This designation confirms that threat actors are actively exploiting the flaw in real-world cyberattacks, making immediate remediation a critical priority for security teams.

While specific technical details regarding the exploitation vector or the precise target component within Google's ecosystem remain limited, the inclusion of CVE-2025-48595 in the KEV catalog highlights its severity. Threat actors frequently target widely deployed software to gain initial access, escalate privileges, or execute arbitrary code on vulnerable endpoints and enterprise servers.

At this time, there are no public reports linking CVE-2025-48595 to active ransomware campaigns. However, unpatched vulnerabilities in ubiquitous software platforms like those from Google remain highly attractive targets for a broad spectrum of adversaries, from opportunistic cybercriminals to advanced persistent threat (APT) groups.

In accordance with Binding Operational Directive (BOD) 22-01, federal civilian executive branch agencies are required to apply the necessary vendor updates or workarounds by the specified KEV remediation deadline. Private sector organizations and critical infrastructure providers are strongly urged to follow suit, prioritizing this patch to secure their environments against ongoing exploitation.

AI-written article. Grounded in 1 CVE record listed below.