Last updated: July 5, 2026 at 9:01 AM UTC
Tag: actively-exploited (70 articles)

Attackers exploit unpatched Langflow flaw for unauthenticated code execution

VulnCheck reports that attackers are actively exploiting an unpatched flaw in Langflow, a popular open-source platform for building AI applications. The bug (CVE-2026-5027, rated 8.8) is a path-traversal weakness: the file-upload endpoint does not sanitize the supplied filename, so an attacker can use directory-climbing sequences such as ../ to write files outside the upload directory, anywhere the Langflow process can write, a foothold that leads to remote code execution. Tenable, which found the bug, says the maintainers did not respond to three contact attempts in early 2026, and there is still no official fix. Early exploitation appears to be probing, with attackers writing harmless test files, but that usually precedes heavier attacks.

Check
Identify any internet-facing Langflow instances, confirm the version, and review the server filesystem and web logs for unexpected files written via the /api/v2/files upload endpoint.
Affected
Internet-exposed Langflow deployments where the file-upload endpoint is reachable (CVE-2026-5027). No vendor patch is available yet, and active exploitation is already under way.
Fix
Until a fix ships, take Langflow off the public internet or place it behind authentication and a WAF that blocks path-traversal payloads, and restrict access to the upload endpoint to trusted users or networks.
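
The pattern behind this class of bug, shown as an added example rather than Langflow's own code: an upload handler that joins the client-supplied filename onto the upload directory unsanitized, the containment check that stops it, and a scan of web-server access logs for traversal payloads aimed at the /api/v2/files endpoint. Only the endpoint path comes from the summary above; the log format and the SAMPLE_LOG lines are constructed, and the scan assumes the filename is visible in the logged request line (for multipart uploads it is only in the body, so the filesystem review in the Check section is the more reliable signal).

```python
"""Added illustration of the upload path-traversal bug class; not Langflow code."""
import os
import re
import tempfile
from pathlib import Path
from urllib.parse import unquote

UPLOAD_ENDPOINT = "/api/v2/files"  # from the advisory summary; everything else is constructed

# "../" and "..\" in raw, URL-encoded and double-encoded forms.
TRAVERSAL = re.compile(r"(\.\.|%2e%2e|%252e%252e)(/|\\|%2f|%5c|%252f|%255c)", re.IGNORECASE)


def save_upload_vulnerable(upload_dir: str, filename: str, data: bytes) -> str:
    """Joins the client-supplied name onto upload_dir as-is. '../x' escapes the
    directory, and os.path.join drops upload_dir entirely for an absolute name."""
    target = os.path.join(upload_dir, filename)
    os.makedirs(os.path.dirname(target), exist_ok=True)
    with open(target, "wb") as fh:
        fh.write(data)
    return target


def save_upload_safe(upload_dir: str, filename: str, data: bytes) -> str:
    """Decodes once, rejects anything that is not a single plain path component,
    then proves the resolved target still sits inside upload_dir before writing
    (resolve() also follows symlinks planted inside the directory)."""
    decoded = unquote(filename)
    name = os.path.basename(decoded)
    if name != decoded or not re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}", name):
        raise ValueError(f"rejected filename: {filename!r}")
    root = Path(upload_dir).resolve()
    target = (root / name).resolve()
    if root not in target.parents:
        raise ValueError(f"path escapes upload directory: {filename!r}")
    target.write_bytes(data)
    return str(target)


def find_traversal_attempts(log_text: str) -> list:
    """Returns (client_ip, decoded request target) for POSTs to the upload
    endpoint whose request line carries a traversal sequence."""
    line_re = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "(\w+) (\S+) HTTP')
    hits = []
    for line in log_text.splitlines():
        m = line_re.match(line)
        if not m:
            continue
        ip, method, target = m.groups()
        if method == "POST" and target.startswith(UPLOAD_ENDPOINT) and TRAVERSAL.search(target):
            hits.append((ip, unquote(target)))
    return hits


# Constructed access-log lines in combined-log style.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Jul/2026:10:14:03 +0000] "POST /api/v2/files/?filename=report.csv HTTP/1.1" 201 88
203.0.113.9 - - [02/Jul/2026:10:14:09 +0000] "POST /api/v2/files/?filename=..%2F..%2F..%2Ftmp%2Fprobe.txt HTTP/1.1" 201 88
198.51.100.4 - - [02/Jul/2026:10:15:22 +0000] "GET /api/v1/flows HTTP/1.1" 200 5120
203.0.113.9 - - [02/Jul/2026:10:16:01 +0000] "POST /api/v2/files/?filename=../../../root/.ssh/authorized_keys HTTP/1.1" 201 88
"""


def demo() -> dict:
    """Runs both writers against a scratch directory and scans SAMPLE_LOG."""
    base = tempfile.mkdtemp()
    uploads = os.path.join(base, "uploads")
    os.makedirs(uploads)
    save_upload_vulnerable(uploads, "../escaped.txt", b"probe")  # lands in base/, not uploads/
    try:
        save_upload_safe(uploads, "..%2F..%2Fescaped2.txt", b"probe")
        rejected = False
    except ValueError:
        rejected = True
    kept = save_upload_safe(uploads, "report.csv", b"ok")
    return {
        "vulnerable_wrote_outside": os.path.exists(os.path.join(base, "escaped.txt")),
        "safe_rejected_traversal": rejected,
        "safe_kept_inside": os.path.dirname(kept) == str(Path(uploads).resolve()),
        "log_hits": find_traversal_attempts(SAMPLE_LOG),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The safe writer refuses rather than silently flattening a traversal name to its basename, which gives you an event to alert on; the log scanner matches the same raw, encoded and double-encoded forms, since probes rarely arrive in just one encoding.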

Microsoft finally patches actively exploited Exchange OWA spoofing zero-day

Microsoft has shipped the first full patch for an Exchange Server zero-day that attackers have been exploiting since May. The flaw (CVE-2026-42897) is a cross-site scripting bug in Outlook Web Access: an attacker emails a victim, and when the message is opened in OWA, malicious JavaScript runs inside the victim's authenticated session, allowing session-token theft and mailbox impersonation without needing to compromise the server itself. It affects Exchange Server 2016, 2019, and Subscription Edition, and CISA added it to its known-exploited list back in May. Until this week only temporary mitigations existed; the June security updates provide the permanent fix.

Check
Confirm the June 2026 security update is applied to all on-premises Exchange servers, and review OWA and mailbox audit logs for suspicious script activity or session hijacking since May.
Affected
On-premises Microsoft Exchange Server 2016, 2019, and Subscription Edition exposing Outlook Web Access (CVE-2026-42897), a spoofing and cross-site scripting flaw exploited in attacks since May.
Fix
Apply the June 2026 Exchange security update now to replace the earlier mitigation-only guidance, then reset potentially exposed OWA sessions and rotate credentials for affected mailboxes.

Google patches actively exploited Chrome V8 zero-day, fifth this year

Google has shipped an emergency Chrome fix for a zero-day in V8, the browser's JavaScript and WebAssembly engine, that attackers are already exploiting in the wild. The flaw (CVE-2026-11645, rated 8.8) is an out-of-bounds memory read and write that lets a malicious web page run code inside Chrome's sandbox, and can help defeat protections like ASLR to set up a fuller compromise. Google confirmed an exploit exists but withheld details until most users update. It is the fifth actively exploited Chrome zero-day of 2026. The fix is in Chrome 149.0.7827.102/103 for desktop; Chromium-based browsers like Edge and Brave need the same update.

Check
Check Chrome and Chromium-based browser versions across managed endpoints (chrome://version or MDM inventory) and confirm they are at or above the June 8 patched build.
Affected
Google Chrome desktop before 149.0.7827.102/103 on Windows, macOS, and Linux (CVE-2026-11645, a V8 out-of-bounds read/write), plus Chromium-based browsers such as Edge and Brave.
Fix
Update Chrome to 149.0.7827.102 or later and relaunch to apply it. Push the update through enterprise policy and patch all Chromium-based browsers in your fleet.

LiteLLM AI gateway flaw exploited for unauthenticated remote code execution

Attackers are actively exploiting a flaw in LiteLLM, a widely used open-source gateway that routes requests to AI models, and CISA has added it to its known-exploited-vulnerabilities list. The bug (CVE-2026-42271) lets any authenticated user run commands on the host through test endpoints that spawn whatever command is supplied in the request. Chained with a separate Host-header bypass in the Starlette web framework (CVE-2026-48710), it becomes unauthenticated remote code execution, giving full control of the server, credential theft, and a foothold in connected AI infrastructure. Horizon3.ai has published a proof-of-concept. It follows a LiteLLM SQL injection flaw exploited within 36 hours last month.

Check
Identify internet-facing LiteLLM proxy deployments and their version, check the Starlette version in use, and review logs of the /mcp-rest/test endpoints for unexpected command execution.
Affected
LiteLLM AI gateway and Python SDK (BerriAI) deployments exposing the vulnerable test endpoints (CVE-2026-42271), especially when paired with Starlette versions vulnerable to the Host-header bypass (CVE-2026-48710).
Fix
Upgrade LiteLLM and Starlette to the fixed releases immediately, restrict the affected endpoints to trusted networks, and rotate any credentials or API keys reachable from the LiteLLM host.
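
The bug class the summary describes, as an added example that is not LiteLLM's code: a "test this server" handler that spawns whatever command the request names, beside a version that only launches entries from a fixed allowlist and never goes through a shell. The request shape (a JSON body with "command" and "args") and the allowlist contents are assumptions for this example.

```python
"""Added illustration of request-controlled command execution; not LiteLLM code."""
import subprocess
import sys


def run_server_test_vulnerable(body: dict) -> str:
    """Spawns the caller's command through the system shell. Any authenticated
    caller (or anyone, once authentication is bypassed upstream) gets arbitrary
    execution as the service account; shell metacharacters in either field turn
    one 'test' into several commands."""
    cmd = body["command"] + " " + " ".join(body.get("args", []))
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True, timeout=5)
    return out.stdout


# What the API may launch: a public name -> the exact argv the service runs.
# The caller never supplies an executable path or an option flag. (Assumed contents.)
ALLOWED_COMMANDS = {
    "python-major-version": [sys.executable, "-c", "import sys; print(sys.version_info[0])"],
}


def run_server_test_safe(body: dict) -> str:
    """Looks the request up in the allowlist and runs the fixed argv with
    shell=False, so nothing from the request is ever parsed by a shell. Extra
    arguments are passed as discrete argv entries and may not start with '-'."""
    argv = ALLOWED_COMMANDS.get(body.get("command"))
    if argv is None:
        raise PermissionError(f"command not in allowlist: {body.get('command')!r}")
    extra = body.get("args", [])
    if any(not isinstance(a, str) or a.startswith("-") for a in extra):
        raise ValueError("arguments must be plain strings and may not be options")
    out = subprocess.run(argv + extra, shell=False, capture_output=True, text=True, timeout=5)
    return out.stdout


if __name__ == "__main__":
    injected = {"command": "echo expected", "args": ["; echo INJECTED"]}
    print(run_server_test_vulnerable(injected))  # two commands ran
    try:
        run_server_test_safe(injected)
    except PermissionError as exc:
        print("safe endpoint refused:", exc)
    print(run_server_test_safe({"command": "python-major-version"}))
```

Note that the allowlist fix is about who chooses the executable, not about escaping: once the request can name the program, no amount of quoting makes the endpoint safe, which is why the hardened handler maps a public name to a server-side argv.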

Check Point VPN zero-day exploited by Qilin ransomware, patch now

Check Point has rushed out a fix for a critical flaw in its Remote Access VPN, Mobile Access, and Spark firewall products that attackers have been exploiting since May 7. The bug (CVE-2026-50751, rated 9.3) is a logic error in how the software checks certificates, letting an unauthenticated attacker log into the VPN with no password, but only on gateways still using the old IKEv1 key-exchange protocol. So far a few dozen organizations have been hit, and at least one intrusion was tied to an affiliate of the Qilin ransomware gang, which used the access to steal data with Rclone before deploying ransomware. A second, unexploited flaw was also patched.

Check
Check whether your Check Point gateways accept IKEv1 remote-access connections, then audit VPN and authentication logs back to May 7 for logins lacking a matching certificate or password.
Affected
Check Point Remote Access VPN, Mobile Access, and Spark firewalls on versions R80.20.X through R82.10 configured for the deprecated IKEv1 protocol without mandatory machine certificates.
Fix
Apply the hotfix per Check Point advisory SK185033. Whether or not the hotfix is in place yet, remove the precondition the bug needs: switch Remote Access to IKEv2 only, make machine-certificate authentication mandatory, drop legacy clients, and enable the IPS signatures.

Cisco SD-WAN Manager zero-day exploited to gain root, no patch yet

Cisco has warned of an actively exploited, unpatched zero-day in Cisco Catalyst SD-WAN Manager (CVE-2026-20245) that enables root privilege escalation across all deployment types, including on-prem, Cloud, Managed, and FedRAMP Government. The flaw stems from insufficient validation of user-supplied input: an attacker who uploads a crafted file can perform command injection and run arbitrary commands as root. Exploitation requires netadmin privileges - obtained via valid credentials or by chaining CVE-2026-20182 or CVE-2026-20127. Mandiant reported the activity to Cisco's PSIRT in June. Cisco has observed limited cases where exploitation pushed configuration changes to edge devices, and published IoCs pointing to suspicious tenant-list uploads in scripts.log.

Check
Inventory Cisco Catalyst SD-WAN Manager instances (all deployment types). Check /var/log/scripts.log for suspicious tenant-list uploads per Cisco's IoCs. Verify netadmin accounts and confirm CVE-2026-20182/20127 are patched.
Affected
All Cisco Catalyst SD-WAN Manager deployments (on-prem, Cloud, Managed, FedRAMP). Root-level command injection via crafted file upload; requires netadmin privileges, obtainable by chaining CVE-2026-20182 or CVE-2026-20127. No patch yet.
Fix
No patch available. Restrict netadmin access, enforce strong credentials and MFA, and patch the chainable CVE-2026-20182/20127. Apply Cisco IoCs and monitor scripts.log and edge-device config changes.

SolarWinds Serv-U flaw exploited to crash file-transfer servers, now in CISA KEV

CISA has warned that attackers are actively exploiting CVE-2026-28318, a high-severity SolarWinds Serv-U denial-of-service flaw, and added it to the Known Exploited Vulnerabilities catalog. Serv-U is SolarWinds' Windows and Linux managed-file-transfer and FTP software. The flaw is an uncontrolled-resource-consumption weakness: specially crafted POST requests using Content-Encoding: deflate crash the Serv-U service without authentication, in low-complexity attacks needing no user interaction. SolarWinds shipped Serv-U 15.5.4 Hotfix 1 and advised admins who cannot patch to restrict access and block POST requests containing content-encoding. Shodan tracks over 12,000 exposed Serv-U servers (Shadowserver around 3,100). FCEB agencies must patch by June 19 under BOD 22-01.

Check
Inventory SolarWinds Serv-U servers, especially internet-exposed ones (Shodan shows 12,000+). Confirm Serv-U 15.5.4 Hotfix 1 is applied. Monitor for crashes and crafted deflate POST requests.
Affected
SolarWinds Serv-U MFT/FTP servers before 15.5.4 Hotfix 1. Unauthenticated, low-complexity DoS via POST requests using Content-Encoding: deflate. Over 12,000 instances exposed online per Shodan.
Fix
Apply Serv-U 15.5.4 Hotfix 1. If patching must wait, restrict access to known addresses and block POST requests containing content-encoding. FCEB agencies must remediate by June 19.

Critical Everest Forms WordPress plugin flaw exploited to create rogue admins

Wordfence reports active exploitation of CVE-2026-3300 (CVSS 9.8), a remote code execution flaw in the Everest Forms Pro WordPress plugin (about 4,000 active installations) affecting all versions up to 1.9.12. The Calculation Addon's process_filter() function concatenates user-submitted form-field values into a PHP string and passes it to eval() without proper escaping; sanitize_text_field() does not escape single quotes, so unauthenticated attackers can inject and run arbitrary PHP by submitting a crafted value in any string-type field when a form uses the Complex Calculation feature. Exploitation began April 13; Wordfence has blocked 29,300+ attempts. The common payload creates a rogue admin named 'diksimarina.' Patch 1.9.13 shipped March 18.

Check
Inventory WordPress sites for Everest Forms Pro and confirm version 1.9.13 or later. Audit for a rogue admin named 'diksimarina' and review forms using the Complex Calculation feature.
Affected
Everest Forms Pro versions up to 1.9.12 using the Complex Calculation feature. Unauthenticated attackers inject PHP via any string-type field into an unescaped eval(). Exploited since April 13.
Fix
Upgrade Everest Forms Pro to 1.9.13 immediately. Remove rogue admins (e.g. 'diksimarina'), rotate admin credentials, and audit for web shells. Block the published attacker IPs.

Google June Android update fixes 124 flaws including exploited Framework zero-day CVE-2025-48595 - also added to CISA KEV same day

Google has released the June 2026 Android security patches addressing 124 vulnerabilities, including CVE-2025-48595, a high-severity Android Framework flaw under limited, targeted exploitation. Local attackers can abuse it to gain code execution and escalate privileges on Android 14 or later. Google fixed 18 critical vulnerabilities this cycle across System, Framework, and Qualcomm closed-source components; the most severe is a critical Framework flaw enabling remote privilege escalation with no user interaction. Two patch levels shipped (2026-06-01 and 2026-06-05). CISA added CVE-2025-48595 to its KEV catalog the same day. Pixel devices get updates immediately; other vendors typically lag. Similar Android Framework flaws have historically been abused by commercial spyware.

Check
Inventory Android fleet by version and patch level. Confirm devices show the 2026-06-05 patch level. Prioritize Android 14+ devices for CVE-2025-48595; push updates via MDM where possible.
Affected
Android 14 and later devices that have not received the June 2026 update. CVE-2025-48595 is under limited, targeted exploitation; high-interest individuals face the greatest risk, since flaws of this kind are typically abused by commercial spyware.
Fix
Apply the June 2026 Android update (2026-06-05 patch level). Non-Pixel users: pressure OEMs for timely rollout. FCEB agencies must remediate CVE-2025-48595 per CISA KEV deadline.

Critical Kirki WordPress flaw CVE-2026-8206 exploited to hijack admin accounts via password-reset redirect - 500,000 installs, 222+ attacks blocked

Hackers are exploiting CVE-2026-8206, a critical privilege-escalation flaw in the Kirki - Freeform Page Builder WordPress plugin, to take over any account including administrators. Defiant's Wordfence blocked over 222 attempts against customers in 24 hours. The plugin is active on more than 500,000 sites; the bug was introduced in version 6.0.0 and affects up to 6.0.6 (nearly 40% of the userbase). It stems from a custom REST password-reset endpoint that accepts an arbitrary email: when a username is supplied, the plugin sends a valid reset link to the attacker-controlled address instead of the owner's. The vendor fixed it in 6.0.7 on May 18; admins should upgrade or disable immediately.

Check
Inventory WordPress sites for the Kirki plugin and confirm the version. Audit user accounts and password-reset logs for reset links sent to unfamiliar email addresses at any time since version 6.0.0 was deployed.
Affected
Kirki - Freeform Page Builder versions 6.0.0 through 6.0.6 (nearly 40% of 500,000+ installs). The REST password-reset endpoint sends valid reset links to attacker-supplied email addresses for any user.
Fix
Upgrade Kirki to 6.0.7 or disable the plugin immediately. Remove unauthorized admin accounts, rotate all admin credentials, and audit for web shells, malicious plugins, and backdoors.
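
The reset-endpoint mistake the summary describes, as an added example that is not the plugin's code: a handler that mails the link to an address taken from the request, beside one that only ever mails the address stored for the account and answers identically whether or not the username exists. The user table, token handling and the stand-in mailer are constructed for this example.

```python
"""Added illustration of a password-reset endpoint trusting a request-supplied email."""
import hashlib
import hmac
import secrets
import time

USERS = {"admin": {"email": "owner@example.org"}}  # constructed account store
SENT = []           # (recipient, token) pairs the stand-in mailer delivered
RESET_TOKENS = {}   # username -> (sha256 of token, expiry); only the hash is stored
TOKEN_TTL_SECONDS = 15 * 60


def _issue_token(username: str) -> str:
    token = secrets.token_urlsafe(32)
    RESET_TOKENS[username] = (hashlib.sha256(token.encode()).hexdigest(),
                              time.time() + TOKEN_TTL_SECONDS)
    return token


def request_reset_vulnerable(body: dict) -> dict:
    """Trusts body["email"] as the delivery address. Anyone who knows a
    username receives a valid reset link for that account, admin included."""
    user = USERS.get(body.get("username"))
    if user is None:
        return {"ok": False, "error": "no such user"}  # also confirms which names exist
    SENT.append((body["email"], _issue_token(body["username"])))
    return {"ok": True}


def request_reset_safe(body: dict) -> dict:
    """The delivery address comes only from the stored record; any email in the
    request is ignored. Unknown usernames get the same response as known ones,
    so the endpoint cannot be used to enumerate accounts either."""
    user = USERS.get(body.get("username"))
    if user is not None:
        SENT.append((user["email"], _issue_token(body["username"])))
    return {"ok": True, "message": "If that account exists, a reset link has been sent to its address on file."}


def consume_token(username: str, token: str) -> bool:
    """Single-use, time-limited check with a constant-time digest comparison."""
    record = RESET_TOKENS.pop(username, None)
    if record is None:
        return False
    digest, expiry = record
    presented = hashlib.sha256(token.encode()).hexdigest()
    return time.time() < expiry and hmac.compare_digest(digest, presented)


if __name__ == "__main__":
    attacker = {"username": "admin", "email": "attacker@evil.example"}
    request_reset_vulnerable(attacker)
    recipient, token = SENT[-1]
    print("vulnerable endpoint mailed", recipient, "- token valid:", consume_token("admin", token))
    request_reset_safe(attacker)
    print("safe endpoint mailed", SENT[-1][0])
```

When reviewing a custom reset endpoint, the question to ask is simply where the recipient address comes from: if any part of it can be traced back to the request rather than to the account record, the endpoint hands out account takeover to whoever can guess a username.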