<ul><li>U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a FreeType flaw to its Known Exploited Vulnerabilities catalog with CVE-2025-27363 and a CVSS score of 8.1.</li><li>Meta warned of the actively exploited vulnerability in FreeType versions 2.13.0 and below involving out-of-bounds write leading to arbitrary code execution.</li><li>The vulnerability impacts FreeType versions up to 2.13.0, with no details disclosed about the attackers or the attack scale.</li><li>Google's Android security updates addressed 46 flaws, including CVE-2025-27363, a high-severity vulnerability under limited targeted exploitation, with a risk of local code execution.</li></ul>

U.S. CISA adds FreeType flaw to its Known Exploited Vulnerabilities catalog

Discover more