Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints CVE-2026-33017
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerability in Langflow, i Known Exploited (CISA KEV).
Sources: https://thehackernews.com/2026/06/langflow-rce-exploited-to-deploy-monero.html
Rancher Fleet can disclose secrets across namespaces (CVE-2026-44935)
Classification: NEW. Rancher Fleet has a GHSA for cross-namespace secret disclosure through Helm Deployer valuesFrom use. Treat it as owner assignment unless the advisory names exploitation or a direct response step.
Recommended action: Review Fleet Helm Deployer valuesFrom use and patch.
Identifiers: CVE-2026-44935
Sources: [GitHub advisory GHSA-xr65-5cpm-g36x](https://github.com/advisories/GHSA-xr65-5cpm-g36x)
Rancher command injection through unsanitized YAML parameter (CVE-2026-44939)
Classification: NEW. The Rancher GHSA describes command injection through an unsanitised YAML parameter. Treat it as owner assignment unless the advisory names exploitation or a direct response step.
Recommended action: Route Rancher patch or mitigation to platform owners.
Identifiers: CVE-2026-44939
Sources: [GitHub advisory GHSA-mhc6-2gfq-xx62](https://github.com/advisories/GHSA-mhc6-2gfq-xx62)
Adobe ColdFusion WID-SEC-2026-2155 and CVE-2026-48276 gains CERT-FR and CERT-Bund routing
Classification: NEW. ColdFusion now has dual CERT-FR and CERT-Bund routing, raising routing confidence for European patch teams. Treat it as owner assignment unless the advisory names exploitation or a direct response step.
Recommended action: Route ColdFusion APSB26-68/CVE-2026-48276 patch checks.
Identifiers: CVE-2026-48276 / WID-SEC-2026-2155
Sources: [CERT-FR advisory CERTFR-2026-AVI-0821](https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0821/); [CERT-Bund advisory WID-SEC-2026-2155](https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2155)
Cursor DuneSlide CVE-2026-50548/CVE-2026-50549 lets prompt injection escape sandbox
Classification: NEW. Cursor DuneSlide links prompt injection to sandbox escape in developer workflows, with a vendor GHSA patch anchor. Treat it as owner assignment unless the advisory names exploitation or a direct response step.
Recommended action: Update Cursor to 3.0 and restrict MCP-enabled workflows.
Identifiers: CVE-2026-50548 / CVE-2026-50549
Sources: [The Hacker News report](https://thehackernews.com/2026/07/critical-cursor-flaws-could-let-prompt.html); [Cursor security advisory](https://github.com/cursor/cursor/security/advisories/GHSA-3v8f-48vw-3mjx)
Ghost frontend cache-poisoning XSS via x-ghost-preview header (CVE-2026-53943)
Classification: NEW. Ghost has a GHSA for preview-header cache poisoning that can lead to frontend XSS. Treat it as owner assignment unless the advisory names exploitation or a direct response step.
Recommended action: Patch Ghost publishing frontends.
Identifiers: CVE-2026-53943
Sources: [GitHub advisory GHSA-62q6-4hv4-vjrw](https://github.com/advisories/GHSA-62q6-4hv4-vjrw)
Progress Kemp LoadMaster CVE-2026-8037 exploitation attempts begin
Classification: UPDATED. Today's delta is active exploitation attempts against Progress Kemp LoadMaster. eSentire reports exploitation attempts, IOCs and fixed versions, which moves the item into immediate patch and hunt work.
Recommended action: Patch to GA 7.2.63.2 or LTSF 7.2.54.18 and hunt listed IOC IPs.
Identifiers: CVE-2026-8037
Sources: [eSentire advisory](https://www.esentire.com/security-advisories/progress-kemp-loadmaster-vulnerability-targeted-cve-2026-8037); [The Hacker News report](https://thehackernews.com/2026/07/latest-progress-kemp-loadmaster-pre.html)
MSRC CVE-2026-10097 ML-KEM-1024 ciphertext comparison weakness
Classification: NEW. MSRC has published a cryptography weakness affecting ML-KEM-1024 implementation paths. Treat it as owner assignment unless the advisory names exploitation or a direct response step.
Recommended action: Map affected cryptography dependencies and vendor SDKs.
Identifiers: CVE-2026-10097
Sources: [MSRC advisory CVE-2026-10097](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10097)
Citrix NetScaler WID-SEC-2026-2147 and CVE-2026-10816 patch batch reaches EU routing
Classification: NEW. NetScaler ADC and Gateway patch routing now appears through both CERT-FR and CERT-Bund. Treat it as owner assignment unless the advisory names exploitation or a direct response step.
Recommended action: Verify NetScaler ADC/Gateway fixed versions.
Identifiers: CVE-2026-10816 / WID-SEC-2026-2147
Sources: [CERT-FR advisory CERTFR-2026-AVI-0822](https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0822/); [CERT-Bund advisory WID-SEC-2026-2147](https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2147)
IBM WebSphere Liberty WID-SEC-2026-2156 and CVE-2026-11546 enters app-server routing
Classification: NEW. WebSphere Liberty appears in app-server routing and belongs with middleware owner checks. Treat it as owner assignment unless the advisory names exploitation or a direct response step.
Recommended action: Route WebSphere Liberty patch validation.
Identifiers: CVE-2026-11546 / WID-SEC-2026-2156
Sources: [CERT-Bund advisory WID-SEC-2026-2156](https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2156)
Also tracked
- MSRC KubeVirt CVE-2026-13325 disableTLS migration exposure · CVE-2026-13325 · High
- CERT-Bund Chrome WID-SEC-2026-2143 and CVE-2026-13774 high-severity batch · CVE-2026-13774 · High
- sigstore verification constraints can be silently dropped · CVE-2026-48815 · High
- Apify MCP server path authority injection can leak Apify tokens · CVE-2026-50143 · High
- oras-go blob upload can forward credentials through Location redirects · CVE-2026-50151 · High
- oras-go file store and tar extraction can escape intended directories · CVE-2026-50162 · High
- Keycloak privilege escalation via scope mapping enforcement flaw · CVE-2026-9795 · High
- Ubuntu USN-8493-1 ships Linux kernel fixes · CVE-2022-48816 · Medium
- Keycloak WID-SEC-2026-2145 and CVE-2026-12388 enters EU patch routing · CVE-2026-12388 · Medium
- Coolify WID-SEC-2026-2151 and CVE-2026-27882 enters EU patch routing · CVE-2026-27882 · Medium
- Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs · CVE-2026-43707 · Medium
- UltraVNC WID-SEC-2026-2162 and CVE-2026-44040 enters remote-access patch routing · CVE-2026-44040 · Medium
- Mailpit sibling API endpoints can exhaust memory through unbounded JSON bodies · CVE-2026-48824 · Medium
- oras-go malicious registry can hijack bearer-token realm · CVE-2026-48978 · Low
- CERT-Bund Synology MailPlus Server WID-SEC-2026-2140 and CVE-2025-15660 high-severity batch · CVE-2025-15660 · Unknown
- IBM Power HMC WID-SEC-2026-2150 and CVE-2026-12943 code-execution advisory · CVE-2026-12943 · Unknown
- CERT-Bund Snipe-IT WID-SEC-2026-2144 and CVE-2026-55481 information-disclosure advisory · CVE-2026-55481 · Unknown
- Gitea WID-SEC-2026-2149 and CVE-2026-58418 enters source-control patch routing · CVE-2026-58418 · Unknown
- SurrealDB JSON Patch copy/move bypasses field-level SELECT permissions · GHSA-fpxg-5xmv-922m