Threat Intelligence Brief — May 22, 2026
Coverage: May 21-22, 2026 | New CVEs this report: 9 | Updated entries from previous report: 3
Previous report (May 21, 2026): Vulnerability Intelligence Report — May 21, 2026
Items already covered in depth in the May 21 report and carrying forward without major new information are noted at the bottom of this post with update summaries where applicable. New entries are listed first.
Langflow — CVE-2025-34291 (Actively Exploited, CISA KEV)
| Software Affected | Langflow (AI agent workflow platform, langflow-ai/langflow) |
| Affected Versions | All versions up to and including 1.6.9. Fixed in version 1.7.0 and later. |
| CVE | CVE-2025-34291 | CVSS 8.8 HIGH | CWE-346 (Origin Validation Error) | CISA KEV — Due 2026-06-04 |
| Fixable? | Yes. Upgrade to Langflow 1.7.0 or later. |
| Business Impact | A chained vulnerability combining an overly permissive CORS configuration (allow_origins=* with allow_credentials=True) and a SameSite=None refresh token cookie allows a malicious webpage to silently obtain access and refresh tokens from an authenticated victim session. Those tokens grant access to Langflow’s built-in code execution functionality, enabling arbitrary code execution and full system compromise. The Iranian state-sponsored threat actor MuddyWater has been observed exploiting this vulnerability in active attacks. CISA has added it to the Known Exploited Vulnerabilities catalog with a June 4, 2026 remediation deadline. |
| How to Fix | Upgrade Langflow to version 1.7.0 or later. If immediate upgrade is not possible, restrict access to the Langflow instance to trusted networks only and disable external-origin requests at the network perimeter. |
| Recommended Action | Urgent. This vulnerability is actively exploited by a nation-state actor and carries a CISA KEV deadline. If your organization runs Langflow in any environment, upgrade immediately. If you cannot upgrade, take the instance offline or restrict it to isolated internal networks. Review access logs for any anomalous cross-origin requests or unexpected code execution events. |
| Official Source | NVD — CVE-2025-34291; CISA KEV Catalog; Langflow GitHub Security Advisories |
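The chain described above rests on three settings appearing together: a wildcard origin list, credentials allowed, and a refresh cookie marked SameSite=None. The following is an added example (not Langflow's code) that audits such a configuration and checks a captured response for the exploitable shape; the config class, hostnames and response headers are constructed.

```python
"""Audit a CORS / session-cookie configuration for the credentialed
cross-origin token-theft chain described for Langflow (CVE-2025-34291).
Added example; not Langflow's code. Names and sample values are constructed."""
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class CorsConfig:
    allow_origins: List[str]          # e.g. ["*"] or an explicit allowlist
    allow_credentials: bool           # whether cookies / Authorization may be sent cross-origin
    refresh_cookie_samesite: str      # "None", "Lax" or "Strict"
    refresh_cookie_secure: bool = True


def audit_cors(cfg: CorsConfig) -> List[str]:
    """Return a list of findings; an empty list means the chain is not present."""
    findings: List[str] = []
    wildcard = "*" in cfg.allow_origins
    samesite_none = cfg.refresh_cookie_samesite.lower() == "none"
    if wildcard and cfg.allow_credentials:
        findings.append("allow_origins=* with allow_credentials=True: every origin may send credentialed requests")
    if samesite_none:
        findings.append("refresh token cookie SameSite=None: the browser attaches it to cross-site requests")
    if samesite_none and not cfg.refresh_cookie_secure:
        findings.append("SameSite=None without Secure: modern browsers drop the cookie, and it travels in clear over http")
    if wildcard and cfg.allow_credentials and samesite_none:
        findings.append("CHAIN: a third-party page can make a credentialed request and read the token-bearing response")
    return findings


def reflects_untrusted_origin(request_origin: str, response_headers: Dict[str, str], allowlist: List[str]) -> bool:
    """Check a captured response to a credentialed cross-origin request.

    Browsers refuse Access-Control-Allow-Origin: * when credentials are involved, so the
    exploitable shape is a server that echoes the caller's Origin together with
    Access-Control-Allow-Credentials: true. Returns True when an origin outside the
    allowlist was granted credentialed access.
    """
    acao = response_headers.get("Access-Control-Allow-Origin", "")
    acac = response_headers.get("Access-Control-Allow-Credentials", "").lower() == "true"
    return acac and acao == request_origin and request_origin not in allowlist


# Constructed configurations: the weak shape named in the advisory and a hardened one.
WEAK = CorsConfig(allow_origins=["*"], allow_credentials=True, refresh_cookie_samesite="None")
HARDENED = CorsConfig(
    allow_origins=["https://langflow.internal.example"],   # constructed hostname
    allow_credentials=True,
    refresh_cookie_samesite="Lax",
)

# Constructed response headers, as a probe of your own instance from a non-allowlisted origin might capture them.
REFLECTED_RESPONSE = {
    "Access-Control-Allow-Origin": "https://third-party.example",
    "Access-Control-Allow-Credentials": "true",
}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_cors(cfg) or ["no findings"])
    print("reflected:", reflects_untrusted_origin("https://third-party.example", REFLECTED_RESPONSE, HARDENED.allow_origins))
```

The hardened shape keeps credentials (the UI needs them) but pins origins to an explicit allowlist and moves the refresh cookie to SameSite=Lax; the response check is the thing to run against your own instance from an origin you do not trust, after upgrading, to confirm the fix took.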
Trend Micro Apex One — CVE-2026-34926 (Actively Exploited)
| Software Affected | Trend Micro Apex One (on-premise endpoint security platform) and Apex One as a Service / Vision One Standard Endpoint Protection (SaaS) |
| Affected Versions | Apex One 2019 (on-premise): all server and agent builds below 17079 (Windows). Apex One as a Service / Vision One SEP (SaaS): agent builds below 14.0.20731 (Windows). Fixed in: on-premise SP1 CP Build 18012 (replaces earlier CP 17079); SaaS agent build 14.0.20731. |
| CVE | CVE-2026-34926 | CVSS 6.7 MEDIUM (Trend Micro CNA) | CWE-23 (Relative Path Traversal) | CISA KEV — Due 2026-06-04 |
| Fixable? | Yes. Patches are available. Apply SP1 CP Build 18012 for on-premise; agent build 14.0.20731 for SaaS. |
| Business Impact | A directory traversal vulnerability in the Apex One management server allows an attacker who already has administrative access to the central server to manipulate a key table and push malicious code to all managed agents across the entire fleet of connected workstations and servers. In organizations with large Apex One deployments this means a single compromised admin account on the management server can translate into malware execution on every managed endpoint. Exploitation was confirmed in the wild before patches were released, making this a zero-day at the time of attack. The Japanese national cybersecurity authority also issued a warning. This vulnerability is on the CISA KEV list. |
| How to Fix | On-premise: apply Apex One SP1 Critical Patch Build 18012 (this replaces the earlier CP 17079, which was withdrawn due to an unrelated issue). Users who already applied 17079 are protected but should apply 18012 when available. SaaS: update agents to build 14.0.20731 or later via the Vision One console. Additionally: review and audit administrative access to the Apex One management server. Enforce least-privilege and multi-factor authentication for all admin accounts. |
| Recommended Action | Urgent. Active exploitation confirmed. Apply the patch without delay. If patching cannot be done immediately, restrict network access to the Apex One management server to trusted admin workstations only. Review management server logs for anomalous key table modifications or unexpected agent push events. |
| Official Source | Trend Micro Security Advisory KA-0023430; NVD — CVE-2026-34926; CISA KEV Catalog |
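The weakness class in this entry is relative path traversal (CWE-23): an operator-supplied path segment that escapes the directory it was meant to stay in. As an added example (not Trend Micro code), the following shows the containment check a server-side component should apply before touching a path built from request input, next to the string-prefix check it replaces; the base directory and file names are constructed.

```python
"""Resolve an operator-supplied relative path strictly inside a base directory,
rejecting the relative traversal (CWE-23) pattern named in the Apex One entry.
Added example, not Trend Micro code; the base directory and file names are constructed."""
import os
from pathlib import Path
from typing import List, Tuple


class TraversalError(ValueError):
    """Raised when the resolved path would escape the base directory."""


def resolve_under_root(root: str, relative: str) -> Path:
    """Join `relative` onto `root` and refuse anything that resolves outside `root`.

    Path.resolve() collapses '.' and '..' segments and follows symlinks, so the
    comparison is made on canonical absolute paths rather than on the raw string.
    An absolute `relative` replaces `root` in the join and is rejected by the same
    containment test.
    """
    root_real = Path(root).resolve()
    candidate = (root_real / relative).resolve()
    if candidate != root_real and root_real not in candidate.parents:
        raise TraversalError(f"{relative!r} resolves outside {root_real}")
    return candidate


def is_within_root(root: str, relative: str) -> bool:
    try:
        resolve_under_root(root, relative)
        return True
    except TraversalError:
        return False


def naive_prefix_check(root: str, relative: str) -> bool:
    """The check this example replaces: string prefix after normpath. Shown for contrast only."""
    root_norm = os.path.normpath(root)
    return os.path.normpath(os.path.join(root, relative)).startswith(root_norm)


# Constructed base directory and inputs (illustrative names, not product paths).
ROOT = "/srv/mgmt-server/agent-packages"
INPUTS: List[Tuple[str, str]] = [
    ("agent1/package.bin", "plain file under root"),
    ("agent1/../agent2/package.bin", "dot-dot that stays inside root"),
    ("../../etc/passwd", "classic relative traversal"),
    ("/etc/passwd", "absolute path replaces the root in a join"),
    (ROOT + "-old/secret", "sibling directory sharing the root's prefix"),
]

if __name__ == "__main__":
    for rel, why in INPUTS:
        print(f"{rel:45} {why:48} within_root={is_within_root(ROOT, rel)!s:5} naive={naive_prefix_check(ROOT, rel)}")
```

The last input is the one the prefix check gets wrong: a sibling directory whose name merely starts with the root's name passes a `startswith` test but fails the parent-directory test, which is why the containment decision is made on resolved `Path` objects rather than strings.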
Cisco Secure Workload — CVE-2026-20223 (CVSS 10.0 Critical)
| Software Affected | Cisco Secure Workload (formerly Tetration) — on-premise and cloud deployments |
| Affected Versions | Release 3.9 and all earlier releases: affected, no direct patch; must migrate to 3.10.x or 4.0.x. Release 3.10: affected in all versions below 3.10.8.3. Release 4.0: affected in all versions below 4.0.3.17. SaaS deployment: already patched by Cisco, no user action required. Fixed in: Release 3.10.8.3 and Release 4.0.3.17. |
| CVE | CVE-2026-20223 | CVSS 10.0 CRITICAL | CWE-306 (Missing Authentication for Critical Function) | No workarounds available |
| Fixable? | Yes. Update to 3.10.8.3 or 4.0.3.17. Release 3.9 and earlier have no patch and require migration. No workarounds exist. |
| Business Impact | An unauthenticated remote attacker can send crafted requests to internal REST API endpoints in Cisco Secure Workload and gain full Site Admin-level access without any credentials. This allows reading of sensitive configuration data and network intelligence across all tenant boundaries, and making arbitrary configuration changes to workload security policies. In environments using Secure Workload for microsegmentation and zero-trust enforcement, this vulnerability effectively grants an outside attacker the ability to disable or manipulate all policy controls. Cisco discovered this internally; it has not been observed in the wild. |
| How to Fix | On-premise Release 3.10: upgrade to 3.10.8.3. On-premise Release 4.0: upgrade to 4.0.3.17. Release 3.9 and earlier: no patch is available; plan immediate migration to a supported release. SaaS: already patched by Cisco; verify your deployment type with Cisco support if uncertain. No workarounds exist — network-level restriction of access to the Secure Workload management interface is the only interim risk reduction measure. |
| Recommended Action | High priority. CVSS 10.0 with no workaround. Update immediately. If running Release 3.9 or earlier, treat this as a migration emergency. Restrict network access to the Secure Workload management interface to administrative networks only as an interim measure while scheduling the upgrade. |
| Official Source | Cisco Security Advisory cisco-sa-csw-pnbsa-g8WEnuy; NVD — CVE-2026-20223 |
Microsoft Defender — CVE-2026-45584 (Remote Code Execution, New)
| Software Affected | Microsoft Defender — Malware Protection Engine (Microsoft Malware Protection Engine / MsMpEng) |
| Affected Versions | Microsoft Malware Protection Engine 1.1.26030.3008 through 1.1.26040.7 (all builds before 1.1.26040.8). Fixed in: Malware Protection Engine 1.1.26040.8 (deployed automatically via Windows Update). |
| CVE | CVE-2026-45584 | CVSS 8.1 HIGH (base) | Microsoft Max Severity: Critical | CWE-122 (Heap-based Buffer Overflow) | Not yet exploited in the wild |
| Fixable? | Yes. The fix is automatically deployed via Windows Defender’s built-in update mechanism. No manual intervention required on standard configurations. |
| Business Impact | A heap-based buffer overflow in the Malware Protection Engine can be triggered over a network connection, allowing an unauthenticated remote attacker to execute arbitrary code in the context of the Defender scanning process. Microsoft rates this Critical due to the potential for lateral movement — an attacker able to cause a target’s Defender to scan a crafted file (e.g., via a network share or email) can achieve code execution without requiring the user to open or interact with the file directly. This vulnerability is separate from CVE-2026-41091 and CVE-2026-45498 covered in the previous report; all three affect the same engine version range and are remediated by the same engine update. |
| How to Fix | Verify Malware Protection Engine is updated to 1.1.26040.8 or later: open Windows Security, go to Virus and threat protection, select Protection updates, and click Check for updates. In enterprise environments, confirm Intune, SCCM, or WSUS is distributing Defender platform updates to all endpoints. The same update resolves CVE-2026-41091 and CVE-2026-45498 from the previous report. |
| Recommended Action | Confirm the Defender engine update has been applied across all Windows endpoints. This is the same engine update required for the actively exploited CVE-2026-41091 and CVE-2026-45498 from the May 21 report. If those were already verified as remediated, no additional steps are needed for this CVE. |
| Official Source | Microsoft MSRC Advisory — CVE-2026-45584; NVD — CVE-2026-45584 |
Google Chrome — CVE-2026-9111 and CVE-2026-9110 (Critical RCE, Drive-By)
| Software Affected | Google Chrome (Windows, macOS, Linux); Microsoft Edge (Chromium-based), patch pending at time of disclosure |
| Affected Versions | All Chrome versions prior to 148.0.7778.178 (Linux) and 148.0.7778.178/179 (Windows and macOS). Fixed in: Chrome 148.0.7778.178 for Linux; Chrome 148.0.7778.178/179 for Windows and macOS. Microsoft Edge: no fixed version available at time of disclosure; check the Microsoft Edge release notes for the update. |
| CVE | CVE-2026-9111 (Chrome WebRTC component) | CVE-2026-9110 (Chrome User Interface component) | Both rated Critical by Google | Not yet exploited in the wild |
| Fixable? | Yes. Chrome updates automatically. A manual check for updates can accelerate delivery. |
| Business Impact | Both vulnerabilities allow an attacker to execute arbitrary code on any device running an unpatched version of Chrome simply by directing the user to a malicious or compromised website. No file download or interaction beyond visiting the page is required. This is a drive-by exploitation scenario: a user opening a link from email, a messaging app, or a browser bookmark on a vulnerable machine is sufficient for full compromise. These are the 20th and 21st critical Chrome vulnerabilities in 2026 — a historically unprecedented rate, attributed in part to AI-assisted vulnerability research. Edge users on the Chromium engine are also at risk until Microsoft releases an Edge patch. |
| How to Fix | Chrome: open Chrome menu, go to Help, then About Google Chrome. Chrome will check for updates and prompt a restart. Confirm version is 148.0.7778.178 or later. Edge: monitor Microsoft Edge release notes at https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security for the corresponding patch and apply when available. Enterprise: push the Chrome update via group policy or your endpoint management tool. |
| Recommended Action | Update Chrome across all endpoints promptly. Given the drive-by nature of exploitation and the unusually high rate of critical Chrome vulnerabilities in 2026, consider enforcing browser auto-update via policy if not already done. For Edge users, monitor for the Edge security patch and apply without delay. |
| Official Source | Chrome Releases Blog (chromereleases.googleblog.com); NVD — CVE-2026-9111; NVD — CVE-2026-9110 |
Composer (PHP) — CVE-2026-45793 (GitHub Token Leaked to CI Logs)
| Software Affected | Composer — PHP dependency manager (getcomposer.org / composer/composer) |
| Affected Versions | Branch 2.x (main): 2.3.0 through 2.9.7, fixed in 2.9.8. Branch 2.2.x (LTS): 2.0.0 through 2.2.27, fixed in 2.2.28. Branch 1.x (legacy): 1.0.0 through 1.10.27, fixed in 1.10.28. |
| CVE | CVE-2026-45793 (GHSA-f9f8-rm49-7jv2) | CVSS 7.5 HIGH | CWE-200 (Exposure of Sensitive Information) | Not yet exploited in the wild |
| Fixable? | Yes. Update Composer to 2.9.8, 2.2.28, or 1.10.28 as appropriate for your branch. |
| Business Impact | GitHub has introduced a new format for GitHub Actions GITHUB_TOKEN values that include a hyphen character. Composer’s token validation regex does not accept hyphens, causing the token to fail validation and be interpolated verbatim into an error message — which is then printed by Symfony Console and captured in CI/CD build logs. Many widely-used Actions (such as shivammathur/setup-php) automatically register the GITHUB_TOKEN into Composer’s auth configuration, meaning this leak can occur in a standard CI/CD pipeline without any unusual configuration. Any build log that contains the leaked token is accessible to anyone with repository read access. GitHub Actions tokens expire at job end (up to 6 hours on hosted runners, up to 24 hours on self-hosted runners), limiting the exploitation window but not eliminating it — especially in environments with long-running or self-hosted CI jobs. |
| How to Fix | Update Composer to 2.9.8 (main), 2.2.28 (LTS), or 1.10.28 (legacy) by running `composer self-update`. Review recent CI/CD build logs for any Composer error messages containing a GITHUB_TOKEN string. If found, check whether the token was active for an extended period (self-hosted runners) and audit repository access logs for the affected window. Restrict build log visibility to trusted collaborators if logs are currently public. |
| Recommended Action | Update Composer in all CI/CD pipelines and developer environments. Given the prevalence of Composer in PHP projects and the automatic exposure via common GitHub Actions, treat this as a routine but important update to apply promptly. Review past build logs if you use self-hosted GitHub Actions runners with long token lifetimes. |
| Official Source | Composer Security Advisory GHSA-f9f8-rm49-7jv2; Composer Releases (github.com/composer/composer) |
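Two things are worth seeing in code here: the validate-then-echo pattern that turns a rejected credential into a log line, and a scanner for the build logs the "How to Fix" row asks you to review. The following is an added example written in Python (Composer itself is PHP; this is not its code). The token value, the two validation regexes and the log excerpt are constructed; it assumes GitHub Actions tokens start with `ghs_` and that the new format contains a hyphen, as the entry states.

```python
"""Demonstrate the token-in-error-message leak pattern from the Composer entry
(CVE-2026-45793) and a scanner for CI logs that may already contain a leaked token.
Added example in Python, not Composer's PHP code. The token value, the exact
validation regexes and the log lines are constructed; GitHub Actions tokens are
assumed to start with 'ghs_' and the new format to contain a hyphen."""
import re
from typing import Callable, List, Tuple

# Constructed token in the assumed new shape (contains a hyphen). Not a real credential.
SAMPLE_TOKEN = "ghs_AbC123xyz-DEF456ghi789JKL012mno345PQR"

_STRICT_RE = re.compile(r"[A-Za-z0-9_]+")    # rejects '-': the shape of the bug
_CURRENT_RE = re.compile(r"[A-Za-z0-9_-]+")  # accepts the hyphen


def validate_token_leaky(token: str) -> None:
    """Vulnerable pattern: the rejected value is interpolated verbatim into the error."""
    if not _STRICT_RE.fullmatch(token):
        raise ValueError(f'Invalid GitHub token "{token}"')


def validate_token_safe(token: str) -> None:
    """Hardened pattern: accept the new format, and never echo the secret."""
    if not _CURRENT_RE.fullmatch(token):
        raise ValueError(f"Invalid GitHub token (redacted, {len(token)} chars, prefix {token[:4]!r})")


def error_text(fn: Callable[[str], None], token: str) -> str:
    """Return the message a console would print for `fn(token)`, or '' if it validates."""
    try:
        fn(token)
    except ValueError as e:
        return str(e)
    return ""


# Detection over logs: find token-shaped strings and produce a redacted copy for the report.
_LOG_TOKEN_RE = re.compile(r"\bghs_[A-Za-z0-9_-]{20,}\b")


def scan_ci_log(lines: List[str]) -> List[Tuple[int, str]]:
    """Return (1-based line number, redacted line) for every line carrying a token."""
    hits = []
    for n, line in enumerate(lines, 1):
        if _LOG_TOKEN_RE.search(line):
            hits.append((n, _LOG_TOKEN_RE.sub(lambda m: m.group(0)[:4] + "[REDACTED]", line)))
    return hits


# Constructed CI log excerpt; line 3 is what the leaky validator would have printed.
SAMPLE_LOG = [
    "Run composer install --no-interaction",
    "Loading composer repositories with package information",
    f'  Invalid GitHub token "{SAMPLE_TOKEN}"',
    "Error: Process completed with exit code 1.",
]

if __name__ == "__main__":
    print("leaky :", error_text(validate_token_leaky, SAMPLE_TOKEN))
    print("safe  :", error_text(validate_token_safe, SAMPLE_TOKEN + "!"))  # still invalid, still redacted
    for n, line in scan_ci_log(SAMPLE_LOG):
        print(f"line {n}: {line}")
```

Running the scanner over exported workflow logs gives you line numbers to correlate with job start times, which is what decides whether a leaked token was still live (the entry's point about self-hosted runners with longer token lifetimes).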
HP Linux Imaging and Printing (HPLIP) — CVE-2026-8631 (CVSS 9.8 Critical, Network RCE)
| Software Affected | HP Linux Imaging and Printing (HPLIP) — the open-source driver and utility stack for HP printers and multi-function devices on Linux |
| Affected Versions | All HPLIP versions prior to 3.26.4. Fixed in: HPLIP 3.26.4. |
| CVE | CVE-2026-8631 | CVSS 9.8 CRITICAL | CWE-190 (Integer Overflow) / CWE-122 (Heap-based Buffer Overflow) | HP Advisory HPSBPI04118 | Not exploited in the wild |
| Fixable? | Yes. Update HPLIP to version 3.26.4 or later. |
| Business Impact | An integer overflow in the hpcups print processing path leads to a heap buffer overflow when handling specially crafted print job data. An unauthenticated attacker on the same network can send a malicious print job to a system running a vulnerable HPLIP version and achieve arbitrary code execution with the privileges of the HPLIP printing process — without any user interaction. This affects Linux servers and workstations using HP printing hardware via HPLIP, which is the default HP printer driver in most Linux distributions. In corporate environments with shared network printers or print servers, this creates a lateral movement vector from the print network segment. |
| How to Fix | Update HPLIP to 3.26.4 via your Linux distribution’s package manager (`apt upgrade hplip` / `dnf update hplip`) or by downloading from the HP Linux Imaging and Printing software portal at hp.com. Check that your distribution has packaged 3.26.4 — some distributions may lag behind upstream. If 3.26.4 is not yet in your distro’s repositories, consider downloading and building from source or restricting print server access at the network level until the package is available. |
| Recommended Action | Update HPLIP on all Linux systems using HP printers. Given the CVSS 9.8 rating and the network-accessible attack vector with no authentication required, treat this as a high priority patch even though no active exploitation has been reported. Restrict print server access to known client subnets if patching cannot be done immediately. |
| Official Source | HP Security Bulletin HPSBPI04118; NVD — CVE-2026-8631 |
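Three of the entries above (Chrome, the Defender Malware Protection Engine, and HPLIP) reduce to the same verification step: confirm every host reports a version at or above the fixed build. The following added example (not vendor tooling) does that check over an inventory export, using the fixed versions stated in this report; the inventory rows are constructed. It also shows why the comparison must be numeric rather than on strings.

```python
"""Fleet-level 'fixed in' check for the version-gated items in this report: Chrome
(148.0.7778.178), the Defender Malware Protection Engine (1.1.26040.8) and HPLIP
(3.26.4). Added example, not vendor tooling; the inventory is constructed and would
in practice come from your endpoint-management export."""
import re
from typing import Dict, List, Tuple

# Fixed versions as stated in the entries above. Chrome Windows/macOS builds 178 and 179
# are both fixed, so the floor is .178 on every platform.
FIXED_IN: Dict[str, str] = {
    "chrome": "148.0.7778.178",
    "defender-engine": "1.1.26040.8",
    "hplip": "3.26.4",
}


def parse_version(s: str) -> Tuple[int, ...]:
    """Split a dotted version into integers so 1.1.26040.10 sorts above 1.1.26040.8.

    A plain string comparison gets this wrong ('10' < '8' as text), which is how a
    fleet gets mis-reported as patched or unpatched.
    """
    parts = tuple(int(p) for p in re.findall(r"\d+", s))
    if not parts:
        raise ValueError(f"no numeric version in {s!r}")
    return parts


def is_patched(product: str, installed: str) -> bool:
    return parse_version(installed) >= parse_version(FIXED_IN[product])


def triage(inventory: List[Dict[str, str]]) -> Dict[str, List[str]]:
    """Map hostname -> products still below the fixed version (empty list = clean)."""
    out: Dict[str, List[str]] = {}
    for rec in inventory:
        host = rec["host"]
        out[host] = [p for p in FIXED_IN if p in rec and not is_patched(p, rec[p])]
    return out


# Constructed inventory rows; a missing key means the product is not installed on that host.
INVENTORY = [
    {"host": "ws-01", "chrome": "148.0.7778.179", "defender-engine": "1.1.26040.8"},
    {"host": "ws-02", "chrome": "148.0.7778.150", "defender-engine": "1.1.26040.7"},
    {"host": "print-01", "hplip": "3.25.12"},
    {"host": "dev-03", "chrome": "148.0.7778.178", "defender-engine": "1.1.26040.10", "hplip": "3.26.4"},
]

if __name__ == "__main__":
    for host, missing in triage(INVENTORY).items():
        print(f"{host:10} {'OK' if not missing else 'UNPATCHED: ' + ', '.join(missing)}")
```

For the Defender engine in particular, `dev-03` is the case to notice: engine 1.1.26040.10 is newer than the 1.1.26040.8 fix but sorts below it as a string, so a report built on text comparison would flag a patched host.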
Updates on Items from the May 21 Report
The following vulnerabilities were covered in full in the May 21, 2026 Vulnerability Intelligence Report. They appear again in today’s news cycle with new information noted below.
Windows BitLocker — CVE-2026-45585 (YellowKey) — Microsoft Publishes Mitigation Script
Covered in full in the May 21 report. New development as of May 22: Microsoft published an automated PowerShell mitigation script (Remove-AutoFsTxFromWinRE.ps1) replacing the earlier manual mitigation steps, which were considered overly complex by security practitioners. The script mounts the WinRE image, removes the autofstx.exe entry from the BootExecute registry key in the offline SYSTEM hive, and re-seals WinRE. This is compatible with the forthcoming full security patch. Recommendation: apply the script to all affected systems (Windows 11 24H2, 25H2, 26H1 and Windows Server 2025 in TPM-only BitLocker configurations) and enforce TPM+PIN via Group Policy. Official source: Microsoft MSRC — CVE-2026-45585.
Linux Kernel — CVE-2026-46333 (ssh-keysign-pwn) — Additional Coverage
Covered in full in the May 21 report. Reported again in detail by security.nl on May 22. No new technical developments. The kernel patch was committed May 14, 2026 and is rolling out via distribution updates. The interim workaround remains: set kernel.yama.ptrace_scope = 2 in /etc/sysctl.conf. A public PoC is available. See the May 21 report for full version details and remediation steps.
Microsoft Defender — CVE-2026-41091 and CVE-2026-45498 (Actively Exploited)
Covered in full in the May 21 report. No new developments. Both remain on the CISA KEV list with a June 3, 2026 deadline. Verify Malware Protection Engine version is 1.1.26040.8 or later across all Windows endpoints. This same engine update also addresses CVE-2026-45584 listed above in today’s report.
Drupal Core — CVE-2026-9082 (SQL Injection / RCE)
Covered in full in the May 21 report. Patches are available and confirmed. If not yet applied, update immediately — the Drupal Security Team warned that exploits typically appear within hours of patch release. See the May 21 report for exact fixed version numbers per branch.
Previous report: Vulnerability Intelligence Report — May 21, 2026
This report was automatically compiled from official advisories. Always verify remediation steps against official vendor documentation before applying changes in production.
