Contact us
Contact us

News

About

Home Crypto News CISA adds Langflow, Trend Micro Apex One flaws to KEV

CISA adds Langflow, Trend Micro Apex One flaws to KEV

Author Whitewallet Research
Posted: 22 May 2026, 07:11 CET 2 min read

CISA added two actively exploited flaws-CVE-2025-34291 in Langflow and CVE-2026-34926 in on-premise Trend Micro Apex One-to its KEV catalog.

The U.S. Cybersecurity and Infrastructure Security Agency added two vulnerabilities to its Known Exploited Vulnerabilities catalog on Thursday after receiving evidence of active exploitation. The entries are CVE-2025-34291 (CVSS 9.4) and CVE-2026-34926 (CVSS 6.7). Federal Civilian Executive Branch agencies must apply fixes by June 4, 2026.

CVE-2025-34291 affects Langflow and is described as an origin validation error that can allow an attacker to execute arbitrary code and take full control of an affected instance. A December 2025 report from Obsidian Security identified three combined weaknesses behind the flaw: overly permissive Cross-Origin Resource Sharing settings, a lack of cross-site request forgery protection, and an endpoint that permits code execution. Obsidian wrote that a successful exploit can compromise a Langflow instance and expose sensitive access tokens and API keys stored in the workspace, which can lead to compromise of integrated cloud and SaaS services. Security researchers reported in March 2026 that the Iranian-linked group MuddyWater used the vulnerability to gain initial access to target networks.

CVE-2026-34926 is a directory traversal vulnerability limited to on-premise installations of Trend Micro Apex One. The vendor described a scenario in which a pre-authenticated local attacker who has access to the Apex One server and administrative credentials obtained by other means could modify a key server table and inject code that would be pushed to agents on affected installations. Trend Micro said the flaw applies only to on-premise servers and reported at least one observed attempt to exploit it in the wild.

CISA’s KEV listing requires covered agencies to prioritize remediation of listed flaws within set timeframes. Organizations running Langflow, cloud services integrated with it, or on-premise Apex One should review vendor advisories, apply available patches or mitigations, and verify that administrative credentials and server access controls are secured.

Whitewallet Research
Author

Articles by this author

Malware in Pirated PC Games Steals Passwords and Crypto
Malware in Pirated PC Games Steals Passwords and Crypto
jun 8
Armstrong: Energy and Compute, Not Models, Will Cap AI Growth
Armstrong: Energy and Compute, Not Models, Will Cap AI Growth
jun 8
Custodial vs non-custodial wallet
Custodial vs non-custodial wallet
may 30
What is a crypto seed phrase
What is a crypto seed phrase
may 25
Seed phrase vs private key
Seed phrase vs private key
may 21

Latest News

MORE
Adam Back: Bitcoin won’t fire miners; Dashjr readies fork

Adam Back: Bitcoin won’t fire miners; Dashjr readies fork

jun 12 2 min read
Coinbase Lets AI Agents Trade Inside User-Controlled Limits

Coinbase Lets AI Agents Trade Inside User-Controlled Limits

jun 12 2 min read
Hackers Impersonate ChatGPT, Claude and DeepSeek

Hackers Impersonate ChatGPT, Claude and DeepSeek

jun 11 2 min read
Delaware advances bill to ban crypto ATMs after scam surge

Delaware advances bill to ban crypto ATMs after scam surge

jun 11 2 min read
MORE