RSS
Last updated: May 13, 2026 at 5:42 AM UTC
All 208 Vulnerability 72 Breach 41 Threat 88 Defense 7
vulnerability
CVE-2026-33017
2026-03-27

Langflow AI platform RCE exploited within 20 hours of disclosure - no auth required (CVE-2026-33017)

Attackers didn't wait for a proof-of-concept. Within 20 hours of CVE-2026-33017 being disclosed in Langflow - an open-source AI workflow builder with 145K+ GitHub stars - they built working exploits straight from the advisory. One crafted HTTP POST to the public flow endpoint is all it takes, no credentials needed. Compromised instances leak API keys for OpenAI, AWS, and connected databases.

langflowaircecisa-kevactively-exploited
Check
Check if you run Langflow, especially any instances exposed to the internet.
Affected
Langflow <= 1.8.1.
Fix
Upgrade to Langflow 1.9.0. If you can't patch now, take instances offline or block the /api/v1/build_public_tmp endpoint.
vulnerability
CVE-2026-21992
2026-03-23

Oracle emergency patch for pre-auth RCE in Identity Manager and Web Services Manager (CVE-2026-21992)

Oracle broke its quarterly patch cycle to push an emergency fix for CVE-2026-21992 - a CVSS 9.8 pre-auth RCE in Oracle Identity Manager and Web Services Manager. An unauthenticated attacker with network access over HTTP can take over the entire identity management system. Oracle won't say if it's been exploited, but a nearly identical flaw in the same product (CVE-2025-61757) was added to CISA's KEV catalog just four months ago.

oracleidentity-managerrceemergency-patch
Check
Check if you run Oracle Identity Manager or Oracle Web Services Manager.
Affected
Oracle Identity Manager 12.2.1.4.0 and 14.1.2.1.0. Oracle Web Services Manager 12.2.1.4.0 and 14.1.2.1.0.
Fix
Apply the out-of-band Security Alert patch from Oracle immediately. Only available for versions under Premier or Extended Support.