CISA Adds Two Active Exploited Vulnerabilities to Alert List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified two vulnerabilities actively being exploited by attackers: CVE-2025-34291 in Langflow (origin validation flaw) and CVE-2026-34926 in Trend Micro Apex One (directory traversal issue). These flaws are now part of CISA's Known Exploited Vulnerabilities Catalog, a continuously updated list of security risks threatening critical systems. While U.S. federal agencies must patch these vulnerabilities immediately under directive BOD 22-01, CISA recommends all organizations—including Indian enterprises—prioritize fixing these issues to prevent cyberattacks. Organizations should integrate KEV Catalog monitoring into their vulnerability management strategies. Source: CISA.