CISA warns of two active flaws in Langflow and Trend Micro

Published on May 23, 2026 | Translated from Spanish

The Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The first affects Langflow, an artificial intelligence tool, and the second affects Trend Micro Apex One. Both are being actively exploited by attackers to compromise systems. The update is urgent.

Technical details of vulnerabilities in AI and security 🛡️

The flaw in Langflow, identified as CVE-2025-3248, allows remote code execution through an unauthenticated path. Meanwhile, the vulnerability in Trend Micro Apex One (CVE-2025-24085) involves a privilege escalation that can give the attacker full control of the system. Both require immediate patches. Security teams must prioritize applying them to prevent intrusions.

Even your antivirus can fail you, what irony 😅

It turns out that the very tool that should protect you, Trend Micro Apex One, has a hole through which attackers enter as if they own the place. And if you use Langflow to create AIs, someone could be using it to create chaos. So you know: update or get ready to explain to your boss why your systems are singing the blues.