Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
CISA Alerts on Langflow and Apex One Vulnerabilities

CISA Alerts on Langflow and Apex One Vulnerabilities

Posted on May 22, 2026 By CWS

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently issued a significant alert regarding two critical security vulnerabilities impacting Langflow and Trend Micro Apex One. These vulnerabilities have been added to the agency’s Known Exploited Vulnerabilities (KEV) catalog due to evidence of their active exploitation. This move underscores the urgent need for federal agencies to address these security flaws promptly.

Details of the Langflow and Trend Micro Vulnerabilities

Two specific vulnerabilities have been highlighted by CISA. The first, identified as CVE-2025-34291, is a critical origin validation error in Langflow with a CVSS score of 9.4. This flaw permits attackers to execute arbitrary code, potentially leading to a complete system compromise. The second vulnerability, CVE-2026-34926, pertains to Trend Micro Apex One’s on-premise versions, scoring 6.7 on the CVSS scale. It enables a directory traversal attack that allows malicious code injection by a pre-authenticated local attacker.

Reports and Potential Exploitation

According to a December 2025 report by Obsidian Security, the Langflow vulnerability exploits a combination of three weaknesses: overly permissive CORS, absence of CSRF protection, and an inherently exploitable endpoint. This security flaw not only compromises the Langflow instance but also risks the exposure of sensitive access tokens and API keys, potentially affecting integrated cloud and SaaS services. Additionally, Ctrl-Alt-Intel reported in March 2026 that the MuddyWater group, linked to Iran, has exploited this vulnerability for initial network access.

Response and Mitigation Measures

Trend Micro has acknowledged that CVE-2026-34926 is actively being targeted, noting that exploitation requires access to the Apex One server with administrative credentials. This vulnerability is specific to on-premise deployments, emphasizing the need for rigorous access controls. In response to these threats, the Federal Civilian Executive Branch (FCEB) agencies have been mandated to implement necessary patches by June 4, 2026, to secure their infrastructure against these vulnerabilities.

The addition of these vulnerabilities to CISA’s KEV catalog highlights the critical nature of these security risks and the importance of timely mitigation to prevent potential exploitation. As cyber threats continue to evolve, maintaining robust security measures is essential to protect sensitive systems and data.

The Hacker News Tags:CISA, Ctrl-Alt-Intel, CVE-2025-34291, CVE-2026-34926, cyber attack, Cybersecurity, FCEB, Hacking, KEV catalog, Langflow, MuddyWater, Obsidian Security, security flaws, Trend Micro, Vulnerabilities

Post navigation

Previous Post: npm Responds to Mini Shai-Hulud Attack with Token Reset
Next Post: TrendAI Fixes Exploited Apex One Vulnerability

Related Posts

DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints The Hacker News
Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers The Hacker News
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats The Hacker News
CISA Alerts on SharePoint Flaw Amidst Active Exploitation CISA Alerts on SharePoint Flaw Amidst Active Exploitation The Hacker News
WordPress Plugins Compromised: Hidden Backdoors Revealed WordPress Plugins Compromised: Hidden Backdoors Revealed The Hacker News
Why IT Admins Choose Samsung for Mobile Security Why IT Admins Choose Samsung for Mobile Security The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • VECT and TeamPCP: Unveiling the Ransomware Supply Chain Strategy
  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed
  • Vulnerability in GCP Dialogflow Enables Malicious Code Injection
  • Gitea Vulnerability Exploited Actively, Experts Alert

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • VECT and TeamPCP: Unveiling the Ransomware Supply Chain Strategy
  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed
  • Vulnerability in GCP Dialogflow Enables Malicious Code Injection
  • Gitea Vulnerability Exploited Actively, Experts Alert

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark