Known exploited
FreeType
CVE published 2025-05-06
CVE-2025-27363
CVE-2025-27363 is a FreeType out-of-bounds write vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-05-06. Because it is already in KEV, organizations should treat it as urgently actionable and verify whether any products, platforms, or services they operate include FreeType directly or indirectly. CISA’s guidance for KEV entries is to apply vendor mitigations, follow app [truncated]