> TritonInfoSec News
Home / May 24, 2026 / Story
0
#7 The Hacker News general May 22, 2026 at 05:47 UTC

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

By [email protected] (The Hacker News)

AI Summary

CISA added two actively exploited vulnerabilities to its KEV catalog: CVE-2025-34291 (CVSS 9.4), an origin validation error in Langflow, and CVE-2026-34926, a directory traversal zero-day in Trend Micro Apex One's on-premise version patched by TrendAI after confirmed in-the-wild exploitation. Organizations running either product should treat these as urgent patch priorities given confirmed active exploitation.

Read full article → https://thehackernews.com/2026/05/cisa-adds-exploi…

Relevance score: 80.0/100

# More from May 24

  1. 1
    LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root The Hacker News
  2. 2
    Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV The Hacker News
  3. 3
    A hacker group is poisoning open source code at an unprecedented scale Ars Technica Security
  4. 4
    Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack SecurityWeek
  5. 5
    ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested SecurityWeek
  6. 6
    US and Canada arrest and charge suspected Kimwolf botnet admin BleepingComputer
  7. 8
    CISA Security Leak Schneier on Security
  8. 9
    FBI warns about fast-growing phishing kit targeting Microsoft 365 users CyberScoop
  9. 10
    China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts. Dark Reading