24h | 7d | 30d

CVE-2026-33017

Overview

  • langflow-ai
  • langflow
20 Mar 2026
Published
21 Mar 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
0.46%
KEV

Description

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data (containing arbitrary Python code in node definitions) instead of the stored flow data from the database. This code is passed to exec() with zero sandboxing, resulting in unauthenticated remote code execution. This is distinct from CVE-2025-3248, which fixed /api/v1/validate/code by adding authentication. The build_public_tmp endpoint is designed to be unauthenticated (for public flows) but incorrectly accepts attacker-supplied flow data containing arbitrary executable code. This issue has been fixed in version 1.9.0.

Statistics

  • 4 Posts
  • 3 Interactions
Last activity: 1 hour ago

Bluesky

Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
CVE-2026-33017 is an unauthenticated remote code execution flaw in Langflow’s public flow build endpoint, exploited within 20 hours to run arbitrary Python and steal credentials via multi-stage attacks. #Langflow #RemoteCode #Exploit2026
  • 0
  • 2
  • 0
  • 7h ago
Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
Weekly recap highlights critical vulnerabilities like Langflow CVE-2026-33017, supply-chain abuses, AI-powered threats, container security challenges with D4C, and CI/CD risks from Trivy hijacking affecting global cyber defense. #SupplyChain #ContainerSecurity
  • 0
  • 1
  • 0
  • 1h ago
Profile picture fallback
Philippe Vynckier @pvynckier.bsky.social
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure thehackernews.com/2026/03/crit...
  • 0
  • 0
  • 0
  • 14h ago
Profile picture fallback
/r/netsec @r-netsec-bot.bsky.social
Langflow Got Hacked Twice Through the Same exec() Call - CVE-2026-33017 (CVSS 9.3) exploited in 20 hours with no public PoC
  • 0
  • 0
  • 0
  • 4h ago

CVE-2026-20817

Overview

  • Microsoft
  • Windows 10 Version 21H2
13 Jan 2026
Published
26 Feb 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
0.02%
KEV

Description

Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.

Statistics

  • 2 Posts
  • 16 Interactions
Last activity: 2 hours ago

Fediverse

Profile picture fallback
Clément Labro @itm4n

This is my analysis (and PoC) for CVE-2026-20817, a privilege escalation in the Windows Error Reporting service.

👉 itm4n.github.io/cve-2026-20817

Credit goes to Denis Faiustov and Ruslan Sayfiev for the discovery.

TL;DR A low privilege user could send an ALPC message to the WER service and coerce it to start a WerFault.exe process as SYSTEM with user-controlled arguments and options. I did not achieve arbitrary code execution, but perhaps someone knows how this can be done? 🤷‍♂️

  • 7
  • 9
  • 0
  • 4h ago
Profile picture fallback
Mr. B34n🛸 @glitterbean

CVE-2026-20817 - Windows Error Reporting Service EoP itm4n.github.io/cve-2026-20817

  • 0
  • 0
  • 0
  • 2h ago

CVE-2026-31979

Overview

  • himmelblau-idm
  • himmelblau
11 Mar 2026
Published
11 Mar 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.02%
KEV

Description

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc_<uid> without symlink protections. Since commit 87a51ee, PrivateTmp is explicitly removed from the tasks daemon's systemd hardening, exposing it to the host /tmp. A local user can exploit this via symlink attacks to chown or overwrite arbitrary files, achieving local privilege escalation. This vulnerability is fixed in 3.1.0 and 2.3.8.

Statistics

  • 1 Post
  • 12 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture fallback
Catalin Cimpanu @campuscodi

A vulnerability in a Linux enterprise app can allow attackers root access over devices

The issue impacts Himmelblau, an interoperability suite to integrate Linux with Entra ID and Intune networks.

akamai.com/blog/security-resea

  • 8
  • 4
  • 0
  • 9h ago

CVE-2026-3564

Overview

  • ConnectWise
  • ScreenConnect
17 Mar 2026
Published
18 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.0)
EPSS
0.06%
KEV

Description

A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 12 hours ago

Bluesky

Profile picture fallback
Philippe Vynckier @pvynckier.bsky.social
Unpatched ScreenConnect servers open to attack (CVE-2026-3564) - Help Net Security www.helpnetsecurity.com/2026/03/20/c...
  • 1
  • 0
  • 0
  • 12h ago

CVE-2026-4535

Overview

  • Tenda
  • FH451
22 Mar 2026
Published
22 Mar 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.05%
KEV

Description

A vulnerability has been found in Tenda FH451 1.0.0.9. This vulnerability affects the function WrlclientSet of the file /goform/WrlclientSet. Such manipulation of the argument GO leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 15 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ HIGH severity: CVE-2026-4535 in Tenda FH451 (v1.0.0.9) — stack-based buffer overflow in /goform/WrlclientSet. Remote, unauthenticated code execution possible. Patch or mitigate now! radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 15h ago

CVE-2025-32975

Overview

  • Pending
24 Jun 2025
Published
03 Nov 2025
Updated
CVSS
Pending
EPSS
0.13%
KEV

Description

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The vulnerability exists in the SSO authentication handling mechanism and can lead to complete administrative takeover.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 21 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ CRITICAL: Quest KACE vuln (CVE-2025-32975) under active exploitation, mainly in education. No patch yet — segment networks, monitor KACE activity, and restrict access. Global risk. Details: radar.offseq.com/threat/critic

  • 1
  • 0
  • 0
  • 21h ago

CVE-2026-4534

Overview

  • Tenda
  • FH451
22 Mar 2026
Published
22 Mar 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.05%
KEV

Description

A flaw has been found in Tenda FH451 1.0.0.9. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. This manipulation of the argument GO causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 13 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

🔎 CVE-2026-4534 (HIGH, CVSS 8.7): Stack-based buffer overflow in Tenda FH451 (v1.0.0.9) lets remote attackers execute code. PoC exploit published. Patch/mitigate now — restrict access & monitor for attacks. Info: radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 13h ago

CVE-2026-4543

Overview

  • Wavlink
  • WL-WN578W2
22 Mar 2026
Published
22 Mar 2026
Updated
CVSS v4.0
MEDIUM (5.3)
EPSS
0.18%
KEV

Description

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function of the file /cgi-bin/firewall.cgi of the component POST Request Handler. Performing a manipulation of the argument dmz_flag/del_flag results in command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 10 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ CVE-2026-4543: Wavlink WL-WN578W2 (v221110) has a MEDIUM severity command injection flaw in /cgi-bin/firewall.cgi. No patch; public exploit exists. Isolate, restrict access, and monitor traffic urgently. radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 10h ago

CVE-2026-3629

Overview

  • carazo
  • Import and export users and customers
21 Mar 2026
Published
21 Mar 2026
Updated
CVSS v3.1
HIGH (8.1)
EPSS
0.04%
KEV

Description

The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' function not properly restricting which user meta keys can be updated via profile fields. The 'get_restricted_fields' method does not include sensitive meta keys such as 'wp_capabilities'. This makes it possible for unauthenticated attackers to escalate their privileges to Administrator by submitting a crafted registration request that sets the 'wp_capabilities' meta key. The vulnerability can only be exploited if the "Show fields in profile" setting is enabled and a CSV with a wp_capabilities column header has been previously imported.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 18 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ CVE-2026-3629: HIGH severity in carazo's 'Import and export users and customers' WP plugin (≤1.29.7). Privilege escalation to admin possible if 'Show fields in profile' is on and CSV with 'wp_capabilities' imported. Mitigate now! radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 18h ago

CVE-2026-4533

Overview

  • code-projects
  • Simple Food Ordering System
22 Mar 2026
Published
22 Mar 2026
Updated
CVSS v4.0
MEDIUM (5.3)
EPSS
0.03%
KEV

Description

A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 16 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ MEDIUM: CVE-2026-4533 in code-projects Simple Food Ordering System v1.0 allows unauthenticated SQL injection via 'Status' in all-tickets.php. Public exploit code exists — patch or mitigate now! radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 16h ago
Showing 1 to 10 of 26 CVEs