CISA reports that two Android Framework vulnerabilities, CVE-2025-48572 and CVE-2025-48633, are being actively exploited in the wild, enabling local privilege escalation without user interaction on Android 13–16 devices and therefore require prioritized remediation as part of vulnerability management programs.

CISA reports that two long-known OpenPLC ScadaBR web vulnerabilities (stored XSS and authenticated arbitrary file upload) are now being actively exploited and must be urgently remediated by federal and other organizations using the software.