U.S. CISA Adds FreeType Flaw to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a FreeType vulnerability, listed under the number CVE-2025-27363 with a CVSS score of 8.1, to its catalog of known exploited vulnerabilities (KEV). In March, Meta warned that this out-of-bounds write vulnerability could have been actively exploited in attacks.