Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: cisa-kev (33 articles)Clear

Citrix NetScaler exploitation confirmed - CISA adds to KEV with April 2 deadline (CVE-2026-3055)

The Citrix NetScaler flaw we reported under active recon two days ago has escalated fast. Attackers are now sending crafted SAMLRequest payloads that trigger memory leaks exposing sensitive data through session cookies. CISA added CVE-2026-3055 to the Known Exploited Vulnerabilities catalog on March 30 with an unusually tight April 2 remediation deadline - just three days for federal agencies.

Check
Check if you run NetScaler ADC or Gateway configured as a SAML identity provider.
Affected
NetScaler ADC/Gateway 14.1 < 14.1-66.59, 13.1 < 13.1-62.23, 13.1-FIPS/NDcPP < 13.1-37.262.
Fix
Update to 14.1-66.59, 13.1-62.23, or 13.1-37.262 respectively. CISA deadline is April 2, 2026.

F5 BIG-IP APM flaw reclassified from DoS to pre-auth RCE - now actively exploited (CVE-2025-53521)

Remember that F5 BIG-IP APM bug from last year everyone treated as a denial-of-service issue? Turns out it's pre-auth remote code execution - CVSS 9.3. F5 quietly reclassified it after new findings in March 2026 and confirmed exploitation in the wild. CISA added it to the KEV catalog with a March 30 patch deadline. That's tomorrow.

Check
Check if you run F5 BIG-IP with APM access policies enabled.
Affected
BIG-IP APM 17.5.0-17.5.1, 17.1.0-17.1.2, 16.1.0-16.1.6, 15.1.0-15.1.10.
Fix
Update to 17.5.2, 17.1.3, 16.1.7, or 15.1.11 respectively. CISA deadline is March 30, 2026.

Langflow AI platform RCE exploited within 20 hours of disclosure - no auth required (CVE-2026-33017)

Attackers didn't wait for a proof-of-concept. Within 20 hours of CVE-2026-33017 being disclosed in Langflow - an open-source AI workflow builder with 145K+ GitHub stars - they built working exploits straight from the advisory. One crafted HTTP POST to the public flow endpoint is all it takes, no credentials needed. Compromised instances leak API keys for OpenAI, AWS, and connected databases.

Check
Check if you run Langflow, especially any instances exposed to the internet.
Affected
Langflow <= 1.8.1.
Fix
Upgrade to Langflow 1.9.0. If you can't patch now, take instances offline or block the /api/v1/build_public_tmp endpoint.