Skip to main content
Emerging Threats

CISA Flags Actively Exploited Langflow, Trend Micro Vulnerabilities

Rows of equipment racks and monitoring stations in a server room with an empty workstation.

Federal Civilian Executive Branch agencies are required to apply fixes by June 4, 2026, after CISA added two actively exploited flaws — CVE-2025-34291 and CVE-2026-34926 — to its Known Exploited Vulnerabilities (KEV) catalog.

CVE-2025-34291 (Langflow) and CVE-2026-34926 (Trend Micro Apex One): the basics

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities to its KEV list, citing evidence they are being exploited in the wild. CVE-2025-34291, assigned a CVSS score of 9.4, is described as an origin validation error in Langflow that could allow an attacker to execute arbitrary code and achieve full system compromise. CVE-2026-34926, with a CVSS score of 6.7, is a directory traversal vulnerability in on-premise versions of Trend Micro Apex One that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code and deploy it to agents on affected installations.

Technical decomposition reported by Obsidian Security

In a December 2025 report, Obsidian Security said CVE-2025-34291 exploits three combined weaknesses: overly permissive CORS, lack of cross-site request forgery (CSRF) protection, and an endpoint that allows code execution by design. Obsidian warned of broad consequences: "The impact is severe: successful exploitation not only compromises the Langflow instance but also exposes all sensitive access tokens and API keys stored within the workspace," and added that "This can trigger a cascading compromise across all integrated downstream services in cloud and SaaS environments."

MuddyWater exploitation of Langflow, per Ctrl‑Alt‑Intel

Ctrl‑Alt‑Intel reported in March 2026 that the Langflow flaw had been exploited by an Iranian hacking group named MuddyWater to obtain initial access to target networks. CISA’s KEV listing cites active exploitation as the basis for its addition to the catalog; the Ctrl‑Alt‑Intel finding links one exploit path to a named threat actor and to initial access operations.

Trend Micro’s observations and constraints on CVE‑2026‑34926 exploitation

Trend Micro stated it "observed at least one instance of an attempt to actively exploit one of these vulnerabilities in the wild." The vendor emphasized exploitation constraints: the vulnerability is only exploitable on the on‑premise version of Apex One and requires that an attacker have access to the Apex One Server and have already obtained administrative credentials to that server by some other method. In short, Trend Micro framed CVE‑2026‑34926 as serious but conditioned on an attacker achieving local access and administrative control through prior compromise.

What this means for FCEB agencies, security teams, and on‑premise Apex One customers

  • FCEB agencies: CISA’s KEV designation triggers a binding remediation requirement — agencies must apply the necessary fixes by June 4, 2026. The KEV listing reflects CISA’s determination that available evidence shows active exploitation, which is the agency’s stated criterion for catalog inclusion.
  • Security teams and technologists: For Langflow, the combined weaknesses called out by Obsidian Security — permissive CORS, missing CSRF protections, and a code-execution endpoint — underline that successful mitigation requires addressing multiple architectural and configuration issues, not just a single patch. For Apex One on‑prem installations, teams should note Trend Micro’s statement that the weakness requires preexisting server access and administrative credentials, which focuses defensive work on hardening admin access and monitoring for lateral movement.
  • On‑premise Apex One customers: Because CVE‑2026‑34926 only affects on‑premise installations, organizations running that deployment model should prioritize server access controls and credential protection while applying vendor-provided fixes.

CISA’s KEV addition and the accompanying vendor and research reports draw a clear triangle: a high‑severity remote code execution pathway in Langflow that researchers say can cascade into cloud and SaaS integrations, documented exploitation by a named group, and a separate, lower‑severity but still actionable on‑premises Apex One flaw that has seen at least one exploitation attempt but requires prior administrative compromise. With the June 4 deadline set for federal civilian networks, the next immediate step is whether agencies and affected organizations meet that timetable and whether follow‑on activity against downstream services or on‑premise fleets appears in public reporting.

Source: The Hacker News