The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new flaws to its Known Exploited Vulnerabilities catalog — the official list of security bugs confirmed to be under active attack. One affects the Linux kernel, the open-source software powering millions of web servers, smart home hubs, and Raspberry Pi devices. The other, CVE-2025-48595, affects Android smartphones and was already addressed in Google’s June 2026 security update. Adding a bug to CISA’s KEV catalog is the agency’s strongest signal: real attackers are exploiting it right now, not just in a lab.
The Linux flaw, CVE-2022-0492, hides inside a component called “cgroups v1” and allows an attacker who already has limited access to a Linux system to quietly upgrade themselves to full administrator control. While most home users running Windows or macOS are not directly affected, anyone running a home server, a Raspberry Pi, or a Linux desktop like Ubuntu should open a terminal and run sudo apt update && sudo apt upgrade (or the equivalent for their distribution) to pull the latest kernel patches.