Currently exploited — week of June 3, 2026
Newly catalogued exploited vulnerabilities affecting Linux, Android, and others — per CISA's KEV feed this week.
Newly added to the KEV catalog
3 vulnerabilities were added to CISA's Known Exploited Vulnerabilities catalog this week.
CVE-2022-0492 (Linux): Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature.
CVE-2025-48595 (Android): Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation.
CVE-2024-21182 (Oracle): Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data.
Note: KEV captures vulnerabilities with **observed active exploitation** — older CVE ids that show up here are not stale, they're being exploited *now*.
Run a scan at scorifya.com to check if your stack exposes any of the same weaknesses — TLS, headers, DNS, and more in under 30 seconds.
Try a scan on scorifya.com, read how we score, or see Pro for unlimited scans and exports.