{"vulnerability": "cve-2026-5027", "sightings": [{"uuid": "0dcbd80f-75d1-4480-9084-4ccf3f8d5102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116302518672297608", "content": "", "creation_timestamp": "2026-03-27T18:20:00.459591Z"}, {"uuid": "0ead8fe4-329d-4812-b4b2-20ba91ba2529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mi37wax65s27", "content": "", "creation_timestamp": "2026-03-27T23:00:43.877720Z"}, {"uuid": "c95eca6e-8c31-4cea-996d-31906ed717e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mi3a7ggw5g2p", "content": "", "creation_timestamp": "2026-03-27T23:05:51.664647Z"}, {"uuid": "e3372b29-40ed-4f25-a8a7-e9ebed092d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mizwlisaa62l", "content": "", "creation_timestamp": "2026-04-09T04:06:10.931819Z"}, {"uuid": "40f55531-dfd4-4d7e-a770-8380bca11142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/fggUxSZ91PhRQG8cFeDPjLDOfmrqN_z7qBGoCgdZvWC0z40", "content": "", "creation_timestamp": "2026-04-02T15:00:09.000000Z"}, {"uuid": "37464c46-31c8-449c-a617-b132f10269fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/s6a33mDrs3hh09uIAjQW8DorcIr1-yJ_HPhw8gyLF28vTKM", "content": "", "creation_timestamp": "2026-04-03T11:00:12.000000Z"}, {"uuid": "f9870780-6b8d-4141-9e8a-e6d3560eb82e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/TImB4WLg9m4sLGXOfrFfePfJsw5eV9JDphaGTzdqtpQzKI4", "content": "", "creation_timestamp": "2026-04-03T21:00:05.000000Z"}, {"uuid": "17f7e1f9-02ca-430c-a0a5-9f61ed3c826f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/kHfLfkapUcGKUVgufiQubA_bscQ_MrKjcom26lkyfAO4Fyc", "content": "", "creation_timestamp": "2026-03-27T17:23:12.000000Z"}, {"uuid": "5c52b84d-86e4-4c8f-8f7a-b38b489c8d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/PYoXNzyZrYaKFbj-BEEJp3q5SxJy9E0IbGus7zdCQfw4dWs", "content": "", "creation_timestamp": "2026-04-03T15:00:07.000000Z"}, {"uuid": "bba5a392-5468-46d0-b748-71829dc43662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/78441", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-5027\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a yahiahamza\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-02 10:49:33\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-5027 - Langflow Path Traversal to Remote Code Execution (CVSS 8.8)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-02T11:00:04.000000Z"}, {"uuid": "811a78be-4d10-40c3-be4a-4bc459b84b4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/78608", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-5027\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a EQSTLab\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-03 10:35:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nLangflow, Remote Code Execution (RCE) via Cron Job Injection through Path Traversal (CVE-2026-5027)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-03T11:00:04.000000Z"}, {"uuid": "e3c0360d-f078-4fca-bb0b-d90670a277e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/78586", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-5027\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a min8282\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-03 09:49:29\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nLangflow, Remote Code Execution (RCE) via Cron Job Injection through Path Traversal (CVE-2026-5027)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-03T10:00:04.000000Z"}, {"uuid": "3bcdf7e0-fbf2-4aa6-9543-82ca985702ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://t.me/GithubRedTeam/78649", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-5027\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xBlackash\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-03 16:56:30\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-5027\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-03T17:00:04.000000Z"}, {"uuid": "c824851a-07cc-4992-9fd5-0509d63b8da0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-5027.yaml", "content": "", "creation_timestamp": "2026-06-09T19:01:02.000000Z"}, {"uuid": "aca30a44-b5e6-4969-8858-413b38c5f5cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnx2p444fd2m", "content": "CVE-2026-5027 in Langflow enables unauthenticated path traversal to write arbitrary files, with active exploitation in the wild and potential remote code execution.\n", "creation_timestamp": "2026-06-10T15:47:46.186688Z"}, {"uuid": "c81a1383-68d4-4d74-9aad-cabcb77c4102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://thehackernews.com/2026/06/unpatched-langflow-flaw-cve-2026-5027.html", "content": "A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCheck.\n\nThe vulnerability in question is CVE-2026-5027 (CVSS score: 8.8), a case of path traversal that could allow an attacker to write files to arbitrary locations.\n\n\"The 'POST /", "creation_timestamp": "2026-06-10T13:00:59.000000Z"}, {"uuid": "03774d07-ff46-40f5-b0ce-9e08cc27a3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnx72hpe2c2e", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE\n\nthehackernews.com/2026/06/unpa...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-06-10T17:05:43.536288Z"}, {"uuid": "6a8ee72a-d522-4d0a-ba9d-725d3c89da8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/cerberusit.bsky.social/post/3mnxajnm65c26", "content": "The high-severity unpatched flaw CVE-2026-5027 in Langflow is currently being actively exploited, because of course it is. This mess directly affects developers using this low-code AI platform, allowing attackers to run remote code without even needing to ask for a password. Prot...\n\nRead full story", "creation_timestamp": "2026-06-10T17:32:06.888207Z"}, {"uuid": "8580ca29-d5f8-4bc8-acba-5245941cc5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3mnxnij22en2v", "content": "Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers.", "creation_timestamp": "2026-06-10T21:24:05.769627Z"}, {"uuid": "8d1515e5-4640-403d-b32f-cf4faa8b3184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnxo6cc5fo25", "content": "AI\u30a2\u30d7\u30ea\u958b\u767a\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u300cLangflow\u300d\u306e\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\u3001\u5b9f\u653b\u6483\u3067\u306e\u60aa\u7528\u3092\u78ba\u8a8d\n\n\u653b\u6483\u8005\u304c\u73fe\u5728\u3001AI\u30a2\u30d7\u30ea\u958b\u767a\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u300cLangflow\u300d\u306b\u5b58\u5728\u3059\u308b\u6df1\u523b\u306a\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\u300cCVE-2026-5027\u300d\u3092\u7a4d\u6975\u7684\u306b\u60aa\u7528\u3057\u3066\u304a\u308a\u3001\u516c\u958b\u3055\u308c\u3066\u3044\u308b\u30b5\u30fc\u30d0\u30fc\u4e0a\u306b\u4efb\u610f\u306e\u30d5\u30a1\u30a4\u30eb\u3092\u66f8\u304d\u8fbc\u3080\u653b\u6483\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u307e\u3059\u3002 Langflow\u306f\u3001AI\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30fbAI\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u30fbRAG\uff08Retrieval", "creation_timestamp": "2026-06-10T21:36:16.265868Z"}, {"uuid": "20d2f83f-2ee6-486d-8c8f-8712c29288bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnxp2mw4qd2v", "content": "Silent Intrusion in AI Systems: CVE-2026-5027 Turns Langflow Into a Live Exploitation Battlefield +\u00a0Video\n\n\ud83e\udde0 Introduction: When AI Builders Become Attack Targets The rapid expansion of AI development platforms has created powerful tools for engineers, but it has also opened dangerous doors for\u2026", "creation_timestamp": "2026-06-10T21:52:08.282230Z"}, {"uuid": "e7a61a72-9744-4439-96d9-da9f88768426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mnxqdu2lzq42", "content": "Path traversal flaw in AI dev platform Langflow exploited in attacks BleepingComputer Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI develop...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-10T22:15:32.344133Z"}, {"uuid": "9ee564f6-f98a-43aa-852e-d8dc58253a89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mnxrbtbe4r23", "content": "\ud83d\udea8 Breaking: Path traversal flaw in AI dev platform Langflow exploited in attacks\nAttackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers\u2026\n\n\ud83d\udd17 https://hnow.live/a/dc898656", "creation_timestamp": "2026-06-10T22:31:56.655827Z"}, {"uuid": "13738f27-0d9b-4bf9-b949-33dc5b3d0833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnxrnduhwl23", "content": "\ud83d\udea8 CRITICAL ALERT: N/A\n\nCVSS 9.0/10\n\n\ud83d\udccb WHAT IT IS:\nAttackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. [...]\n\n\ud83c\udfaf WHO'S AFFECTED:\n  \u2022 See NVD for affected products\n\n\u2694\ufe0f HOW IT'", "creation_timestamp": "2026-06-10T22:38:22.354690Z"}, {"uuid": "2deabc06-83cf-4897-ad99-6db9f4d03b3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnxscwpjnn2t", "content": "\ud83d\udea8 ACTIVE EXPLOIT: AI Platform Langflow Under Attack\n\nCVE-2026-5027 | CVSS 9.8 | Path Traversal\n\n\ud83d\udccb WHAT IT IS:\nAttackers are actively exploiting a critical path traversal vulnerability in Langflow \u2014 a popular open-source AI development platform. The flaw allows unauthenticated attackers to read arbit", "creation_timestamp": "2026-06-10T22:50:26.958422Z"}, {"uuid": "937cb41e-8f41-4aa8-9a91-edb3e8caf973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnxx2gtbwj2n", "content": "Attackers are exploiting CVE-2026-5027 in Langflow, using a path traversal flaw in /api/v2/files to write arbitrary files on exposed servers. The default unauthenticated auto-login makes access easier. #Langflow #CVE20265027 #Tenable", "creation_timestamp": "2026-06-11T00:15:11.621284Z"}, {"uuid": "9c812681-f676-4060-8912-e887e0b777ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnxxvdpc3r2r", "content": "Unpatched Langflow CVE-2026-5027 is being exploited for unauthenticated RCE via path traversal in /api/v2/files, allowing arbitrary file writes on exposed instances. #Langflow #CVE20265027 #RCE", "creation_timestamp": "2026-06-11T00:30:14.177802Z"}, {"uuid": "da0e7f6d-d8d3-4f3a-899f-cf615c77350c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mnxyfg3zaw23", "content": "\u30d1\u30c3\u30c1\u672a\u9069\u7528\u306eLangflow\u306e\u8106\u5f31\u6027CVE-2026-5027\u304c\u60aa\u7528\u3055\u308c\u3001\u8a8d\u8a3c\u306a\u3057\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b \n\nUnpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE  #HackerNews (Jun 10)\n\nthehackernews.com/2026/06/unpa...", "creation_timestamp": "2026-06-11T00:39:12.886228Z"}, {"uuid": "035a7a3f-3242-4d22-8804-0efb3176baa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5027", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mnydhaqus22e", "content": "\ud83d\udcf0 Celah Keamanan Path Traversal pada Platform AI Langflow Aktif Dieksploitasi\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/11/celah-path-traversal-langflow-aktif-dieksploitasi/\n\n#aiPlatform #artificialIntelligence #celahKeamanan #cloudServer #cve-2026-5027 #cyberSecurity #hac", "creation_timestamp": "2026-06-11T03:57:05.336305Z"}, {"uuid": "ae7ebf2f-e68e-4602-9176-202e16407e0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5027", "type": "seen", "source": "https://bsky.app/profile/blindthoughts.bsky.social/post/3mnyelsu6qd2w", "content": "Langflow CVE-2026-5027 Actively Exploited \u2014 Patch or Take Offline Now\n\nhttps://blindthoughts.com/langflow-cve-2026-5027-path-traversal-exploited\n\n#vulnerability #aitooling #cve #pathtraversal #patchnow", "creation_timestamp": "2026-06-11T04:17:32.291632Z"}, {"uuid": "a312f765-e71b-4e4b-9720-36c4539f8f48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnyftumeqn2g", "content": "Exploiting the Invisible Gaps: Langflow CVE-2026-5027 Abuse and the Rise of Real-Time Payment Skimming Attacks in Modern Cybercrime +\u00a0Video\n\nEmotional Introduction: When Simple Oversights Become Massive Digital Breaks The cybersecurity landscape in 2026 is showing a dangerous pattern where small\u2026", "creation_timestamp": "2026-06-11T04:39:56.387692Z"}, {"uuid": "3d255c37-c768-498a-8494-b89bd07800aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/reconbee.bsky.social/post/3mnyo2lj5rk2j", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE reconbee.com/unpatched-la...\n\n#Langflow #RCE #cybersecurity #cyberattack", "creation_timestamp": "2026-06-11T07:06:55.411406Z"}, {"uuid": "a08286d7-8785-4e73-b7ca-0dad8d47d08c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mnysiv5jq32k", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-06-11T08:26:26.895986Z"}, {"uuid": "7315a8fa-da20-4ecc-9a3e-f357e893e5bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5027", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mnyyvpokkc2l", "content": "CVE watch: Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated...\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: thehackernews.com\nhttps://thehackernews.com/2026/06/unpatched-langflow-flaw-cve-2026-5027.html", "creation_timestamp": "2026-06-11T10:20:59.185937Z"}, {"uuid": "a61cc8d2-c593-46e8-aafa-213d482ad524", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnz6j4plxg2t", "content": "\u30cf\u30c3\u30ab\u30fc\u304cLangflow\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3066\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\n\nVulnCheck\u306b\u3088\u308b\u3068\u3001\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u304c\u4eba\u6c17\u306e\u30ed\u30fc\u30b3\u30fc\u30c9AI\u958b\u767a\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0Langflow\u306b\u5b58\u5728\u3059\u308b\u6df1\u523b\u306a\u8106\u5f31\u6027\u306e\u60aa\u7528\u3092\u958b\u59cb\u3057\u3066\u3044\u307e\u3059\u3002 CVE-2026-5027\uff08CVSS\u30b9\u30b3\u30a28.8\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308b\u3053\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4e0a\u306e\u6b20\u9665\u306f\u3001\u653b\u6483\u8005\u304c\u30b7\u30b9\u30c6\u30e0\u4e0a\u306e\u4efb\u610f\u306e\u5834\u6240\u306b\u30d5\u30a1\u30a4\u30eb\u3092\u66f8\u304d\u8fbc\u3081\u308b\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u306e\u554f\u984c", "creation_timestamp": "2026-06-11T12:01:19.237192Z"}, {"uuid": "88980d31-2d40-4f43-abea-487e11c4552f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnz6kooxr22n", "content": "Threat actors exploit CVE-2026-5027 in Langflow to write arbitrary files via path traversal, enabling unauthenticated remote code execution on exposed instances.\n", "creation_timestamp": "2026-06-11T12:02:11.733412Z"}, {"uuid": "3f158c86-169d-4406-81ed-e96ac1121b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnz7lx4s4726", "content": "Langflow CVE-2026-5027: The Silent Path Traversal Crisis Turning AI Builders Into Open Targets +\u00a0Video\n\nIntroduction: When AI Low-Code Becomes a High-Risk Gateway A quiet but dangerous shift is unfolding inside modern AI infrastructure. Langflow, a popular open-source low-code platform used to\u2026", "creation_timestamp": "2026-06-11T12:20:48.897080Z"}, {"uuid": "b15abdbf-b4ab-4fe6-ae2f-1232b01a9c50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mnzco5i6c326", "content": "A high-severity path traversal flaw in the AI dev platform Langflow (CVE-2026-5027) is being actively exploited, leading to RCE. With 7,000 instances exposed, this recurring issue demands immediate attention beyond just patching.\n\nhttps://www.tpp.blog/2kygg8e\n\n#cybersecurity #langflow #cve20265027", "creation_timestamp": "2026-06-11T13:15:43.084938Z"}, {"uuid": "a3ba7e05-30bc-4e15-b731-b5a7840b92e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnzgtcv4ee2r", "content": "Hackers are exploiting CVE-2026-5027 in Langflow, a path traversal flaw in /api/v2/files that can allow file writes and possible remote code execution. Thousands of exposed instances may be at risk. #Langflow #CVE2026_5027 #RCE", "creation_timestamp": "2026-06-11T14:30:11.759137Z"}, {"uuid": "43ad902a-b9c4-47c3-906f-5a6cd7d37add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/theitnerd.ca/post/3mnzmnleith2c", "content": "Threat Actors exploiting High Severity Vulnerability in\u00a0Langflow\n\nThreat actors are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in Langflow, a popular low-code platform for building AI applications....", "creation_timestamp": "2026-06-11T16:14:21.139742Z"}, {"uuid": "f687e73d-9359-4ba9-9ffd-306276168306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnzq2zq6mm2b", "content": "Critical Langflow flaw (CVE-2026-5027) enables remote code execution via file upload path-traversal. #Langflow #CVE20265027 #CyberSecurity #RemoteCodeExecution #Vulnerability #InfoSec thedailytechfeed.com/critical-lan...", "creation_timestamp": "2026-06-11T17:15:34.309070Z"}, {"uuid": "91c7404f-6efe-49b7-abaf-e5d13880f3d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnzrmsqlgc2h", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE\n\nA high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings \u2026\n#hackernews #news", "creation_timestamp": "2026-06-11T17:43:23.859846Z"}, {"uuid": "496acb72-d3d1-4a6c-9817-c1aa4959ced5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mnzuquhkpk2m", "content": "CVE-2026-5027, Langflow: we've tracked it as a serial unauth-RCE target since March 21 and had six exploiter IPs indexed in April. New PoC June 11 \u2014 Iran's MuddyWater already weaponized one. And CVE-2026-50751, Check Point IKE: we flagged Qilin burning that edge door June 9, PoC June 10.", "creation_timestamp": "2026-06-11T18:39:21.825456Z"}, {"uuid": "0734283f-d82a-43fc-b915-71c04d5ac017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnzz6gbjeh2j", "content": "Langflow's CVE-2026-5027 is under active exploitation. Immediate action is needed to secure systems. #Langflow #CVE20265027 #CyberSecurity #AI #OpenSource #SecurityFlaw thedailytechfeed.com/critical-lan...", "creation_timestamp": "2026-06-11T19:58:31.136002Z"}, {"uuid": "7586e0ce-a86a-4b50-bf0b-188c83438f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnzzaqe4v22y", "content": "Silent Intrusion in the AI Stack: Langflow Exploit CVE-2026-5027 Opens Path to Full Remote Code Execution +\u00a0Video\n\nIntroduction: When AI Development Tools Become the Weakest Link The rapid rise of low-code AI platforms has transformed how organizations build and deploy machine learning\u2026", "creation_timestamp": "2026-06-11T19:59:49.353478Z"}, {"uuid": "f08da765-fec6-4e45-ab2d-c3dd13fb6b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mo2cklxg2s2h", "content": "Path traversal flaw in AI dev platform Langflow exploited in attacks\n\nAttackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. [...]\n#hackernews #news", "creation_timestamp": "2026-06-11T22:46:24.188375Z"}, {"uuid": "6e6f3d36-8f00-4153-826a-491c40650e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mo2p4bqw6b2l", "content": "Top 3 CVE for last 7 days:\nCVE-2026-35273: 33 interactions\nCVE-2026-11645: 27 interactions\nCVE-2025-10263: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-35273: 33 interactions\nCVE-2026-5027: 14 interactions\nCVE-2026-40992: 7 interactions\n", "creation_timestamp": "2026-06-12T02:31:02.282841Z"}, {"uuid": "fe80df3a-dda9-4a84-b764-90ab2a9b5bb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mo6qibtnji2o", "content": "Langflow CVE-2026-5027: RCE Under Active Exploitation with 7,000 Instances Exposed", "creation_timestamp": "2026-06-13T17:06:17.248066Z"}, {"uuid": "d63ffe91-91aa-4c6d-9dba-47da9c0105d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/bfOUhtYO5_knJKoj_if_OKxt7hZq78r0zHfwCUUuIAza2Gk", "content": "", "creation_timestamp": "2026-06-11T11:00:12.000000Z"}, {"uuid": "dc77e326-cc67-42cd-8944-ceee43a6af0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/X3d0ov_B01fXeFh1HIc4iOWU-yKPAhiRlXClKZPas190B7A", "content": "", "creation_timestamp": "2026-06-11T09:00:04.000000Z"}, {"uuid": "600591be-83aa-43ac-b7ef-f5005a4c9385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "Telegram/hOZ5XelJOiX--Yp9zYzDybgdOTYrx_Qo8lBF3Sv3gPksfQ", "content": "", "creation_timestamp": "2026-06-10T19:25:41.000000Z"}, {"uuid": "64e3d602-58d8-4abd-9cfc-c734c536ab76", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c9f28bbb-c45e-4141-9a6c-89427b27dbd7", "content": "", "creation_timestamp": "2026-06-19T12:45:07.467664Z"}, {"uuid": "9b08616a-2486-463c-b827-b70cc6c2ed65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/le-fil-ia.bsky.social/post/3mosjxxpznl2r", "content": "7 000 serveurs Langflow attaqu\u00e9s en ce moment, et personne ne regardait de ce c\u00f4t\u00e9.\n\nLa faille (CVE-2026-5027, not\u00e9e 8,8/10) vit dans l'endpoint d'upload de Langflow : le nom de fichier passe sans aucun contr\u00f4le, on peut donc \u00e9crire o\u00f9 on veut sur le\u2026 https://www.lefilia.fr/article/4909059", "creation_timestamp": "2026-06-21T14:03:01.660624Z"}, {"uuid": "a38e0f06-3d7b-4cb4-b2b6-08421bd4d24b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/insomnisec.bsky.social/post/3movr7puprz2v", "content": "\ud83d\udce1 CVE-2026-5027: Path Traversal in Langflow Enables Unauthenticated File Write and Remote Code Execution", "creation_timestamp": "2026-06-22T20:50:37.398244Z"}, {"uuid": "b3f55cc8-d0c9-4bf4-a4ef-fa16c09960b8", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/587a20e7-a453-432e-a04d-c31630e6139a", "content": "", "creation_timestamp": "2026-06-23T14:02:58.245194Z"}, {"uuid": "02420b67-2d4a-478d-a463-7446e8a71eb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50279", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpmqelc4it2n", "content": "CVE-2026-50279 - Craft CMS: Authorship spoofing in `entries/save-entry` via pre-check/post-mutation authorization gap\nCVE ID : CVE-2026-50279\n \n Published : July 1, 2026, 11:31 p.m. | 15\u00a0minutes ago\n \n Description : Craft CMS is a content management system (CMS). IN versions 5...", "creation_timestamp": "2026-07-02T00:06:40.674850Z"}, {"uuid": "b4d91730-cd3d-4a44-a3d9-33fc4df1b00f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50279", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpohgg4n5x2n", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-50279 \u0432 Craft CMS: \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/3B169A75-4BF0-4585-AEB5-2FAB63F6FFBD", "creation_timestamp": "2026-07-02T16:31:58.012282Z"}, {"uuid": "ac6cd225-a5ef-4c08-91c6-24bb0453766b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50279", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mpohggb6vs2a", "content": "Craft CMS \u5b89\u5168\u6f0f\u6d1e CVE-2026-50279 \u6df1\u5ea6\u89e3\u6790:\u5f71\u54cd\u8303\u56f4\u3001\u4fee\u590d\u5efa\u8bae\u4e0e\u9632\u62a4\u7b56\u7565\n\n\n\nhttps://qian.cx/posts/309E4EBD-7E68-41D7-B8A8-18003366E85C", "creation_timestamp": "2026-07-02T16:31:58.490030Z"}, {"uuid": "0c2a953f-4b85-41c7-9ec5-948a81ecaa39", "vulnerability_lookup_origin": "c8fb6bf1-f81f-4cb8-95b1-eadbb3b54ee8", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fcecfeec-83e7-4b34-9b3e-0f84eeb1e137", "content": "", "creation_timestamp": "2026-07-12T01:01:35.365898Z"}, {"uuid": "d320fc9e-cab5-4850-ad6f-8ab9b24fa3a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/ctinow/251606", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE\nhttps://ift.tt/mPDHNWB", "creation_timestamp": "2026-07-12T08:00:06.149400Z"}, {"uuid": "4bb04f1b-20e0-43a1-b81f-4b09d49494a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/true_secator/8300", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0442\u043c\u0435\u0442\u0438\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n1. Fortinet \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0442\u0440\u0438 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 FortiSandbox, FortiOS, FortiProxy \u0438 FortiPortal.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0438\u0437 \u0442\u0440\u0435\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2026-25089\u00a0(CVSS 9,8), \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e FortiSandbox, FortiSandbox Cloud \u0438 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 FortiSandbox PaaS.\n\n\u0414\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 FortiOS \u0438 FortiProxy, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 API FortiPortal \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n2. Ivanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 Sentry 10.5.2, 10.6.2 \u0438 10.7.1, \u0430 \u0442\u0430\u043a\u0436\u0435 Endpoint Manager Mobile (EPMM) 12.9.0.1, 12.8.0.3 \u0438 12.7.0.2, \u0432 \u043a\u0430\u0436\u0434\u043e\u0439 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Sentry\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u00a0\u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2026-10520 (CVSS 10), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2026-10523 (CVSS 9,9), \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u0440\u043e\u043b\u044c\u044e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c.\n\n\u0412 EPMM \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0434\u0432\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 CVE-2026-6973 \u0438 CVE-2026-10727, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432 Apache \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n3. \u0425\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u043c\u043e\u0439 Arista (EOS) \u043a\u0430\u043a 0-day, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430. CVE-2026-7473 (CVSS 6,9), \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0442\u0435\u043c, \u0447\u0442\u043e \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 \u0442\u0438\u043f \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0442\u0443\u043d\u043d\u0435\u043b\u044f \u043d\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043d\u0435\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Arista EOS, \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0445 \u043a\u0430\u043a \u0442\u0443\u043d\u043d\u0435\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0435 \u0442\u043e\u0447\u043a\u0438 \u0441 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u043c \u0434\u0435\u043a\u0430\u043f\u0441\u0443\u043b\u044f\u0446\u0438\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438 \u0434\u0435\u043a\u0430\u043f\u0441\u0443\u043b\u044f\u0446\u0438\u0438, \u0442\u0443\u043d\u043d\u0435\u043b\u044c\u043d\u044b\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u043c GRE (Generic Routing Encapsulation) \u0438\u043b\u0438 VXLAN (Virtual Extensible LAN).\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0441\u0435\u0440\u0438\u0439 7020R, 7280R/R2 \u0438 7500R/R2. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 IP-in-IPv6 \u0438 GUE IPV6 decap group \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043c\u044b \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0441\u0435\u0440\u0438\u0439 7280R3, 7500R3 \u0438 7800R3.\n\n4. ServiceNow \u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0435\u0439 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0435, \u043d\u043e \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0435, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c (\u043a\u043e\u043f\u0438\u044f\u00a0\u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 Reddit), \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 5 \u0438\u044e\u043d\u044f.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u043d\u0430\u043b \u043e\u0431 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0441 7 \u0430\u043f\u0440\u0435\u043b\u044f, \u043d\u043e \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u043b \u0435\u0451 \u043e\u043f\u0430\u0441\u043d\u043e\u0439. \u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u043e \u0438 \u043a\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u043e\u044f\u0442\u044c \u0437\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n5. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft Exchange \u0434\u043b\u044f \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u0438 \u0441\u043f\u0430\u043c\u0430 \u0432 \u0432\u0438\u0434\u0435 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043f\u0438\u0441\u0435\u043c. \u0423\u044f\u0437\u0432\u0438\u043c\u044b Exchange Online \u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Exchange \u0432 \u0433\u0438\u0431\u0440\u0438\u0434\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0441 \u043a\u043e\u043d\u0446\u0430 \u0430\u043f\u0440\u0435\u043b\u044f. \u0412 \u0430\u043f\u0440\u0435\u043b\u0435 \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u043f\u0430\u0442\u0447 \u043f\u0440\u043e\u0442\u0438\u0432 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u043f\u0438\u0441\u0435\u043c, \u043d\u043e \u0447\u0435\u0440\u0435\u0437 \u043f\u044f\u0442\u044c \u0434\u043d\u0435\u0439 \u043e\u043d \u0431\u044b\u043b \u043e\u0442\u043c\u0435\u043d\u0435\u043d. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430.\n\n6. \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0418\u0418 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432 \u0442\u0440\u0435\u043d\u0434\u0435, \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Langflow AI \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - CVE-2026-5027, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0451 \u0432 \u043c\u0430\u0440\u0442\u0435.\n\n7. Anthropic \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0451 \u043c\u043e\u0434\u0435\u043b\u044c \u0432 \u0441\u0444\u0435\u0440\u0435 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Mythos \u0442\u0435\u043f\u0435\u0440\u044c \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0437\u0430 \u0447\u0430\u0441.\n\n\u0412 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0445 \u0442\u0435\u0441\u0442\u0430\u0445 Mythos \u0441\u043c\u043e\u0433\u043b\u0430 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043a\u0430\u043a \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Firefox, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Windows. \u0411\u043e\u043b\u0435\u0435 \u043f\u0440\u043e\u0441\u0442\u044b\u0435 \u043c\u043e\u0434\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, Claude Opus \u0438 Sonnet, \u0442\u0430\u043a\u0436\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043d\u043e \u0441 \u043c\u0435\u043d\u044c\u0448\u0435\u0439 \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c\u044e.", "creation_timestamp": "2026-07-12T08:00:06.765925Z"}, {"uuid": "59bf497d-20f5-4479-a913-c5479a937ba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/11050", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE \u2013 thehackernews.com\n\nWed, 10 Jun 2026 23:00:59", "creation_timestamp": "2026-07-12T09:01:47.793634Z"}, {"uuid": "c060fe1b-f3fc-4066-8379-74117aaa107a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/cibsecurity/89671", "content": "\ud83d\udd8b\ufe0f Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE \ud83d\udd8b\ufe0f\n\nA highseverity unpatched security flaw in Langflow, an opensource lowcode platform to build artificial intelligence AI applications, has come under active exploitation in the wild, according to findings from VulnCheck.  The vulnerability in question is CVE20265027 CVSS score 8.8, a case of path traversal that could allow an attacker to write files to arbitrary locations.  \"The 'POST .\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-07-12T09:01:48.052502Z"}, {"uuid": "ca354160-e842-4c8f-a02e-7e3667ac7aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/BleepingComputer/24872", "content": "\u200aPath traversal flaw in AI dev platform Langflow exploited in attacks\n\nAttackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. [...]\n\nhttps://www.bleepingcomputer.com/news/security/path-traversal-flaw-in-ai-dev-platform-langflow-exploited-in-attacks/", "creation_timestamp": "2026-07-12T10:00:04.501969Z"}, {"uuid": "6881669f-8710-4aa5-810b-e358cd5a19b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5027", "type": "seen", "source": "https://infosec.exchange/users/threatcodex/statuses/116906932779262887", "content": "CVE-2025-3248 and CVE-2026-5027: Langflow RCE Vulnerabilities Explained#CVE_2025_3248 #CVE_2026_5027 #Flodrix https://www.picussecurity.com/resource/blog/cve-2025-3248-cve-2026-5027-langflow-rce", "creation_timestamp": "2026-07-12T12:10:27.985838Z"}, {"uuid": "d7914bed-abce-41f6-af89-c0d205e01f21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/11050", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE \u2013 thehackernews.com\n\nWed, 10 Jun 2026 23:00:59", "creation_timestamp": "2026-07-13T00:00:48.284784Z"}, {"uuid": "41295485-4dfa-4ce5-a089-a4de2e7bdd40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/ctinow/251606", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE\nhttps://ift.tt/mPDHNWB", "creation_timestamp": "2026-07-13T00:00:48.611630Z"}, {"uuid": "3d5983f1-46b8-4bd4-99d4-0c9c33969f11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/BleepingComputer/24872", "content": "\u200aPath traversal flaw in AI dev platform Langflow exploited in attacks\n\nAttackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. [...]\n\nhttps://www.bleepingcomputer.com/news/security/path-traversal-flaw-in-ai-dev-platform-langflow-exploited-in-attacks/", "creation_timestamp": "2026-07-13T00:00:46.979337Z"}, {"uuid": "22eb5705-677b-4d55-9b74-55e1705e7813", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/cibsecurity/89671", "content": "\ud83d\udd8b\ufe0f Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE \ud83d\udd8b\ufe0f\n\nA highseverity unpatched security flaw in Langflow, an opensource lowcode platform to build artificial intelligence AI applications, has come under active exploitation in the wild, according to findings from VulnCheck.  The vulnerability in question is CVE20265027 CVSS score 8.8, a case of path traversal that could allow an attacker to write files to arbitrary locations.  \"The 'POST .\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-07-13T00:00:48.487785Z"}, {"uuid": "8b878372-0858-49d6-a585-8df113de7440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "exploited", "source": "https://t.me/true_secator/8300", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0442\u043c\u0435\u0442\u0438\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n1. Fortinet \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0442\u0440\u0438 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 FortiSandbox, FortiOS, FortiProxy \u0438 FortiPortal.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0438\u0437 \u0442\u0440\u0435\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2026-25089\u00a0(CVSS 9,8), \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e FortiSandbox, FortiSandbox Cloud \u0438 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 FortiSandbox PaaS.\n\n\u0414\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 FortiOS \u0438 FortiProxy, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 API FortiPortal \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n2. Ivanti \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 Sentry 10.5.2, 10.6.2 \u0438 10.7.1, \u0430 \u0442\u0430\u043a\u0436\u0435 Endpoint Manager Mobile (EPMM) 12.9.0.1, 12.8.0.3 \u0438 12.7.0.2, \u0432 \u043a\u0430\u0436\u0434\u043e\u0439 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Sentry\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u00a0\u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2026-10520 (CVSS 10), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2026-10523 (CVSS 9,9), \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u0440\u043e\u043b\u044c\u044e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c.\n\n\u0412 EPMM \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0434\u0432\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 CVE-2026-6973 \u0438 CVE-2026-10727, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432 Apache \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n3. \u0425\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u043c\u043e\u0439 Arista (EOS) \u043a\u0430\u043a 0-day, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430. CVE-2026-7473 (CVSS 6,9), \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0442\u0435\u043c, \u0447\u0442\u043e \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 \u0442\u0438\u043f \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0442\u0443\u043d\u043d\u0435\u043b\u044f \u043d\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043d\u0435\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Arista EOS, \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0445 \u043a\u0430\u043a \u0442\u0443\u043d\u043d\u0435\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0435 \u0442\u043e\u0447\u043a\u0438 \u0441 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u043c \u0434\u0435\u043a\u0430\u043f\u0441\u0443\u043b\u044f\u0446\u0438\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438 \u0434\u0435\u043a\u0430\u043f\u0441\u0443\u043b\u044f\u0446\u0438\u0438, \u0442\u0443\u043d\u043d\u0435\u043b\u044c\u043d\u044b\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u043c GRE (Generic Routing Encapsulation) \u0438\u043b\u0438 VXLAN (Virtual Extensible LAN).\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0441\u0435\u0440\u0438\u0439 7020R, 7280R/R2 \u0438 7500R/R2. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 IP-in-IPv6 \u0438 GUE IPV6 decap group \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043c\u044b \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0441\u0435\u0440\u0438\u0439 7280R3, 7500R3 \u0438 7800R3.\n\n4. ServiceNow \u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0435\u0439 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0435, \u043d\u043e \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0435, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c (\u043a\u043e\u043f\u0438\u044f\u00a0\u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 Reddit), \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 5 \u0438\u044e\u043d\u044f.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u043d\u0430\u043b \u043e\u0431 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0441 7 \u0430\u043f\u0440\u0435\u043b\u044f, \u043d\u043e \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u043b \u0435\u0451 \u043e\u043f\u0430\u0441\u043d\u043e\u0439. \u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u043e \u0438 \u043a\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u043e\u044f\u0442\u044c \u0437\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n5. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft Exchange \u0434\u043b\u044f \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u0438 \u0441\u043f\u0430\u043c\u0430 \u0432 \u0432\u0438\u0434\u0435 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043f\u0438\u0441\u0435\u043c. \u0423\u044f\u0437\u0432\u0438\u043c\u044b Exchange Online \u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Exchange \u0432 \u0433\u0438\u0431\u0440\u0438\u0434\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0441 \u043a\u043e\u043d\u0446\u0430 \u0430\u043f\u0440\u0435\u043b\u044f. \u0412 \u0430\u043f\u0440\u0435\u043b\u0435 \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u043f\u0430\u0442\u0447 \u043f\u0440\u043e\u0442\u0438\u0432 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u043f\u0438\u0441\u0435\u043c, \u043d\u043e \u0447\u0435\u0440\u0435\u0437 \u043f\u044f\u0442\u044c \u0434\u043d\u0435\u0439 \u043e\u043d \u0431\u044b\u043b \u043e\u0442\u043c\u0435\u043d\u0435\u043d. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430.\n\n6. \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0418\u0418 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432 \u0442\u0440\u0435\u043d\u0434\u0435, \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Langflow AI \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - CVE-2026-5027, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0451 \u0432 \u043c\u0430\u0440\u0442\u0435.\n\n7. Anthropic \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0451 \u043c\u043e\u0434\u0435\u043b\u044c \u0432 \u0441\u0444\u0435\u0440\u0435 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Mythos \u0442\u0435\u043f\u0435\u0440\u044c \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0437\u0430 \u0447\u0430\u0441.\n\n\u0412 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0445 \u0442\u0435\u0441\u0442\u0430\u0445 Mythos \u0441\u043c\u043e\u0433\u043b\u0430 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043a\u0430\u043a \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Firefox, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Windows. \u0411\u043e\u043b\u0435\u0435 \u043f\u0440\u043e\u0441\u0442\u044b\u0435 \u043c\u043e\u0434\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, Claude Opus \u0438 Sonnet, \u0442\u0430\u043a\u0436\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043d\u043e \u0441 \u043c\u0435\u043d\u044c\u0448\u0435\u0439 \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c\u044e.", "creation_timestamp": "2026-07-13T00:00:49.191916Z"}]}