CISA has added two actively exploited vulnerabilities to its KEV catalog: CVE-2025-34291, a critical origin validation error (CVSS 8.8) in Langflow allowing remote code execution by the MuddyWater APT group, and CVE-2026-34926, a directory traversal flaw (CVSS 6.7) in Trend Micro Apex One (on-premise) allowing authenticated local attackers to modify server tables and inject code. The Langflow vulnerability affects versions up to and including 1.6.9. Federal agencies must remediate by June 4, 2026, and all organizations are urged to review the KEV catalog and apply patches.
Vulnerability Management CISA adds Trend Micro Apex One and Langflow flaws to exploited vulnerabilities catalog May 22, 2026 Share By SC Staff The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, specifically targeting flaws in Trend Micro Apex One and Langflow, based on information published by Security Affairs. The vulnerabilities added are CVE-2025-34291, an origin validation error in Langflow with a CVSS score of 9.4, and CVE-2026-34926, a directory traversal flaw in Trend Micro Apex One (on-premise) with a CVSS score of 6.7. The Langflow vulnerability allows for arbitrary code execution and system compromise, and has been actively exploited in the wild by the Iran-nexus APT group MuddyWater. The Trend Micro Apex One vulnerability, exploitable by a local attacker with administrative credentials, allows modification of server tables and injection of malicious code. CISA mandates that federal agencies address these vulnerabilities by June 4, 2026, to mitigate risks. Private organizations are also strongly advised to review the KEV catalog and patch their systems accordingly. Source: Security Affairs SC Staff Related Vulnerability Management You can now nominate vulnerabilities for CISA’s KEV with this form Laura French May 22, 2026 CISA seeks to engage the wider community to more quickly identify active exploitation. Vulnerability Management Cisco patches critical 10.0 flaw in Secure Workload APIs Steve Zurier May 22, 2026 Cisco patches critical 10.0 API flaw in Secure Workload platform. Vulnerability Management Nvidia releases driver updates to fix 14 critical vulnerabilities SC Staff May 21, 2026 The vulnerabilities affect GeForce, RTX, Quadro, Tesla, and NVS product lines, as well as vGPU and Cloud Gaming software. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Bug Buffer Overflow Disassembly You can skip this ad in 5 seconds