Multiple Remote Code Execution Vulnerabilities in Veeam and Langflow Detected

Severity: High (Score: 72.0)

Sources: cve.mitre.org, Advisories.Checkpoint

Summary

Two critical remote code execution vulnerabilities have been identified in Veeam Backup and Replication (CVE-2025-23121) and Langflow (CVE-2026-0769). The Veeam vulnerability, published on June 18, 2025, allows attackers to exploit the system if not patched. The Langflow vulnerability was published on January 23, 2026, and similarly poses a significant risk. Both vulnerabilities require users to update their Security Gateway products to the latest IPS updates to activate protections. The attack vectors include web server enforcement violations for Veeam and application intelligence for Langflow. Security professionals are advised to implement the necessary updates immediately to mitigate risks. The advisories emphasize the importance of monitoring logs for specific attack names related to these vulnerabilities. Current status indicates that protections are available but require immediate action from affected organizations. Key Points: • CVE-2025-23121 in Veeam and CVE-2026-0769 in Langflow are critical RCE vulnerabilities. • Immediate updates to Security Gateway products are required to activate protections. • Logs should be monitored for specific attack names related to these vulnerabilities.

Key Entities

• Zero-day Exploit (attack_type)
• CVE-2025-23121 (cve)
• CVE-2026-0769 (cve)
• Security Gateway (platform)
• Veeam Backup And Replication (platform)
• Langflow Remote Code Execution (vulnerability)