Bleeping Computer

Path traversal flaw in AI dev platform Langflow exploited in attacks

Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. Langflow is an ...

Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days

On Tuesday, Microsoft patched two zero-day vulnerabilities that let attackers gain SYSTEM privileges on fully patched Windows ...