CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Current Activity·21. Mai 2026, 12:00

Originalartikel lesen bei CISA Current Activity

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-34291 Langflow Origin Validation Error Vulnerability CVE-2026-34926 Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability These types of...

MITRE ATT&CK Kill Chain (1 Techniken)

Resource Development

T1588.006

Vulnerabilities

Vollständigen Artikel lesen bei CISA Current Activity

8 Quellen berichten

Primärquellen

CISA Adds One Known Exploited Vulnerability to Catalog
CISA Current Activity · vor 12 Tagen
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
CISA Current Activity · vor 6 Tagen

Weitere Quellen

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
The Hacker News · vor 12 Tagen
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
BleepingComputer · vor 12 Tagen
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The Hacker News · vor 12 Tagen
Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026
SecurityWeek · vor 12 Tagen
TrendAI Patches Apex One Zero-Day Exploited in the Wild
SecurityWeek · vor 5 Tagen

Erwähnte CVEs (2)

CVE-2025-34291HIGH(8.8)

KEVEPSS 30%

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. An attacker-controlled origin can therefore obtain fresh access_token / refresh_token pairs for a victim session. Obtained tokens permit access to authenticated endpoints — including built-in code-execution functionality — allowing the attacker to execute arbitrary code and achieve full system compromise.

Details NVD

CVE-2026-34926

Nicht in lokaler DB — siehe NVD

NVD

MITRE ATT&CK Kill Chain (1 Techniken)

Verwandte Artikel