CVE-2026-33017 is a vulnerability tracked across 10 threat clusters and 15 intelligence report mentions on ThreatCluster. First observed March 20, 2026; most recent activity June 30, 2026.
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo, an open-source Python notebook platform, was disclosed on April 8, 2026, and exploited within 9 hours and 41 minutes. The vulnerability,…
A critical zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft has been exploited by the ShinyHunters group, leading to breaches of over 100 organizations, primarily in the education sector. The vulnerability…
Threat actors are exploiting CVE-2026-33017, a critical unauthenticated remote code execution vulnerability in Langflow, to compromise exposed AI application servers. This exploitation allows attackers to deploy a…
Dell Technologies has disclosed critical vulnerabilities in its Wyse Management Suite (WMS) that allow remote attackers to execute arbitrary code. The vulnerabilities, identified as CVE-2026-41120 and CVE-2026-49506,…
The Langflow vulnerability CVE-2026-33017 is being actively exploited to steal AWS keys and create a botnet known as 'KeyHunter.' This vulnerability allows for remote code execution on unpatched Langflow instances,…
A critical vulnerability in Langflow, tracked as CVE-2026-33017, allows unauthenticated remote code execution (RCE) via the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint. This flaw was exploited within 20 hours…
On April 8, 2026, a critical pre-authenticated remote code execution vulnerability (CVE-2026-39987) was disclosed in Marimo, an open-source Python notebook platform. The flaw allows unauthenticated attackers to gain a…
On March 24, 2026, two malicious versions of the LiteLLM Python package (1.82.7 and 1.82.8) were published on PyPI, containing credential-stealing malware. The attack, attributed to the TeamPCP threat group, exploited…
The Mistic malware, a newly identified Windows backdoor, has been active since April 2026, utilizing DLL sideloading to infiltrate enterprise environments. It exploits a legitimate executable, MpExtMs.exe, to load a…
A security analysis by Cracken reveals critical vulnerabilities in 12 widely used agentic red-team tools. These flaws allow attackers to exfiltrate API keys, escape sandbox environments, and fully compromise host…