Update KEV: Fri Sep 5 00:12:54 UTC 2025

Signed-off-by: AboutCode Automation <[email protected]>

Author: aboutcode-automation

known_exploited_vulnerabilities.json

@@ -1,9 +1,52 @@
 {
     "title": "CISA Catalog of Known Exploited Vulnerabilities",
-    "catalogVersion": "2025.09.03",
-    "dateReleased": "2025-09-03T17:00:44.122Z",
-    "count": 1410,
+    "catalogVersion": "2025.09.04",
+    "dateReleased": "2025-09-04T18:50:12.4837Z",
+    "count": 1413,
     "vulnerabilities": [
+        {
+            "cveID": "CVE-2025-38352",
+            "vendorProject": "Linux",
+            "product": "Kernel",
+            "vulnerabilityName": "Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability",
+            "dateAdded": "2025-09-04",
+            "shortDescription": "Linux kernel contains a time-of-check time-of-use (TOCTOU) race condition vulnerability that has a high impact on confidentiality, integrity, and availability.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-09-25",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/stable\/linux.git\/commit\/?id=2c72fe18cc5f9f1750f5bc148cf1c94c29e106ff ; https:\/\/source.android.com\/docs\/security\/bulletin\/2025-09-01 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-38352",
+            "cwes": [
+                "CWE-367"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-48543",
+            "vendorProject": "Android",
+            "product": "Runtime",
+            "vulnerabilityName": "Android Runtime Use-After-Free Vulnerability",
+            "dateAdded": "2025-09-04",
+            "shortDescription": "Android Runtime contains a use-after-free vulnerability potentially allowing a chrome sandbox escape leading to local privilege escalation.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-09-25",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/source.android.com\/docs\/security\/bulletin\/2025-09-01 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-48543",
+            "cwes": []
+        },
+        {
+            "cveID": "CVE-2025-53690",
+            "vendorProject": "Sitecore",
+            "product": "Multiple Products",
+            "vulnerabilityName": "Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability",
+            "dateAdded": "2025-09-04",
+            "shortDescription": "Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud contain a deserialization of untrusted data vulnerability involving the use of default machine keys. This flaw allows attackers to exploit exposed ASP.NET machine keys to achieve remote code execution. ",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-09-25",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/support.sitecore.com\/kb?id=kb_article_view&sysparm_article=KB1003865 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-53690",
+            "cwes": [
+                "CWE-502"
+            ]
+        },
         {
             "cveID": "CVE-2023-50224",
             "vendorProject": "TP-Link",