{"vulnerability": "cve-2025-34291", "sightings": [{"uuid": "445c7237-ab1b-40eb-a88b-05cffc9c1de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-34291", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115669352580293240", "content": "", "creation_timestamp": "2025-12-05T22:37:32.579335Z"}, {"uuid": "d1434157-edd4-4fd2-b752-36dd718576b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7blfxhfwd2n", "content": "", "creation_timestamp": "2025-12-05T22:55:35.013946Z"}, {"uuid": "f22e2a04-54c8-47c9-a111-9ae50508539d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://mastodon.social/users/verbrecher/statuses/115673292044950996", "content": "", "creation_timestamp": "2025-12-06T15:19:26.913700Z"}, {"uuid": "8deaa40b-7410-49e8-8ad1-2487cd0e71b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m7j3d7jucc2j", "content": "", "creation_timestamp": "2025-12-08T22:29:03.677700Z"}, {"uuid": "d5d31da3-0541-4af4-b63b-b85e64546222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-34291.yaml", "content": "", "creation_timestamp": "2026-01-03T23:47:09.000000Z"}, {"uuid": "2afad3ec-f36b-4157-ae25-5276a70999bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mbmt47y3pf22", "content": "", "creation_timestamp": "2026-01-04T21:02:59.752909Z"}, {"uuid": "b2a2087a-9f47-49a8-8e2c-53f11370d5ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/crowdsec.bsky.social/post/3mddihlgsfk2s", "content": "", "creation_timestamp": "2026-01-26T14:48:56.835493Z"}, {"uuid": "5c4324c0-f788-4099-a4ae-da3ebd0a5da3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mdgnthprbx2j", "content": "", "creation_timestamp": "2026-01-27T21:03:05.049555Z"}, {"uuid": "f7aca27d-fc68-4460-958e-3d73c0d44386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "published-proof-of-concept", "source": "Telegram/p6_7Fzr7AE5-s9SdgqzAFTlpxGf9IMuh2DhHzRrKndjq5KI", "content": "", "creation_timestamp": "2026-05-18T21:00:03.000000Z"}, {"uuid": "a283f098-5f60-4e5e-984d-5edb50d201d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6547502", "content": "2026-05-21: [CVE-2025-34291] Langflow Origin Validation Error VulnerabilityLangflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. This could allow the attacker to execute arbitrary code and achieve full system compromise via obtained tokens that permit access to authenticated endpoints.\ncisakev", "creation_timestamp": "2026-05-21T19:22:23.274443Z"}, {"uuid": "98f3730d-90b0-4c20-a9a3-cb1e847ae4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mmf5sd5pa32s", "content": "\ud83d\uded1 CVE-2025-34291\nLangflow Langflow\nCVSS 9.4 / EPSS 9% / KEV\nTL;DR: Langflow versions up to and including 1.6.9 contain a chained vulnerability that enabl\u2026\nhttps://cvesentinel.replit.app/report/CVE-2025-34291?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-05-21T19:30:07.691473Z"}, {"uuid": "d498b8af-77c2-46bd-90e3-8adc907b7832", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://thehackernews.com/2026/05/cisa-adds-exploited-langflow-and-trend.html", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\n\nThe vulnerabilities in question are listed below -\n\n\n  CVE-2025-34291 (CVSS score: 9.4) - An origin validation error vulnerability in Langflow that could", "creation_timestamp": "2026-05-22T03:47:33.000000Z"}, {"uuid": "d69196cb-4289-4f8f-a016-2a3112892af7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "Telegram/pgeIv_xa8AzQaCo8hqS5hlx8pfGv-ldT0nDTSWu_i-eUGA", "content": "", "creation_timestamp": "2026-05-22T07:29:55.000000Z"}, {"uuid": "2798f7ec-ecfb-4a1c-b373-d09cdd774fb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://www.acn.gov.it/portale/w/langflow-rilevato-sfruttamento-della-cve-2025-34291", "content": "", "creation_timestamp": "2026-05-22T06:10:44.000000Z"}, {"uuid": "0f86bb4e-c9ea-416a-99db-e9467e6f2e2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mmhbv4rldr2q", "content": "CVE-2025-34291 & CVE-2026-34926: Critical Langflow RCE and Trend Micro Apex O...\n\nCISA adds two critical vulnerabilities to KEV catalog: CVE-2025-34291 (Langflow CORS misconfiguration enabling accou...\n\n\ud83d\udd17 https://ipsec.live/blog/2026-05-22-langflow-apex-one-cisa-kev\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-22T15:48:35.916605Z"}, {"uuid": "4b287d72-56f4-4e2d-9f91-6461ddca020b", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3de6464b-7f59-4e0e-a407-d5f8c516ea1e", "content": "", "creation_timestamp": "2026-05-22T17:00:02.446253Z"}, {"uuid": "cf5672c8-ba74-42f6-b944-7f368a061845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116619809226441932", "content": "\ud83d\udcf0 CISA KEV Catalog Updated: Actively Exploited Langflow and Trend Micro Flaws Demand Urgent Patching\n\ud83d\udce2 CISA KEV UPDATE: Two new vulnerabilities affecting Langflow (CVE-2025-34291) & Trend Micro Apex One (CVE-2026-34926) are being actively exploited. Federal agencies mandated to patch. All orgs urged to patch NOW! #CyberSecurity #Vulnerability #Patc...\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/cisa-adds-langflow-and-trend-micro-bugs-to-kev-catal\u2026", "creation_timestamp": "2026-05-22T19:11:13.795713Z"}, {"uuid": "bd7ac6e1-280e-43da-9210-32cd5cd3c611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mmhnazrwsk2x", "content": "\ud83d\udce2 CISA KEV UPDATE: Two new vulnerabilities affecting Langflow (CVE-2025-34291) & Trend Micro Apex One (CVE-2026-34926) are being actively exploited. Federal agencies mandated to patch. All orgs urged to patch NOW! #CyberSecurity #Vulnerability #Patc...\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-05-22T19:12:07.695830Z"}, {"uuid": "b62eb160-1e8c-4c38-b3a2-0284c5bd03b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mmiontm2ao2p", "content": "Every Langflow install on version 1.6.9 or older is being targeted by Iran's MuddyWater APT. CISA added CVE-2025-34291 to its KEV catalog May 21. The flaw chains permissive CORS with a CSRF gap on a code-execution endpoint, enabling account takeover and RCE. Federal patch deadline: June 4.", "creation_timestamp": "2026-05-23T05:09:50.953927Z"}, {"uuid": "86951268-c6e7-441d-b7f3-0a231a9bd76c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://t.me/thehackernews/9060", "content": "\ud83d\udea8 CISA just added two actively exploited vulns to its KEV catalog.\n\nhttps://thehackernews.com/2026/05/cisa-adds-exploited-langflow-and-trend.html\n\nCritical RCE in Langflow (CVE-2025-34291, CVSS 9.4) and directory traversal in Trend Micro Apex One (on-prem).\n\nPatch now if you're using either.", "creation_timestamp": "2026-05-22T07:12:29.000000Z"}, {"uuid": "e1b0b175-7d3f-4e76-a7db-53bda259e0ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mmlqd6ylh72w", "content": "CVE watch: CVE-2025-34291: Langflow Langflow \u2014 Langflow Origin Validation Error\u2026\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: cisa.gov\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-34291", "creation_timestamp": "2026-05-24T10:17:39.576708Z"}, {"uuid": "330a3cfd-d9f2-4232-b64d-8d56b1adc2e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mmmjhc252h2g", "content": "CISA Adds Critical Langflow Vulnerability (CVE-2025-34291) to KEV Catalog Following Active Exploitation", "creation_timestamp": "2026-05-24T17:47:20.782784Z"}, {"uuid": "f91e0652-264c-4f27-8843-1be09ab90d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "Telegram/hQ1BgqlandqZtiBEN_8bc-Jqb7FATWW_NqNwwco7cLj54NM", "content": "", "creation_timestamp": "2026-05-23T03:00:04.000000Z"}, {"uuid": "03f3d285-4bc5-4c07-9b61-b0ed552af415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mmpbklfn5o2x", "content": "CISA has added two vulnerabilities to its KEV catalog: CVE-2025-34291 (CVSS 9.4) in Langflow, allowing arbitrary code execution and full system compromise, and CVE-2026-34926 (CVSS 6.7) in Trend Micro Apex One, enabling local attackers to inject malicious code.", "creation_timestamp": "2026-05-25T20:04:00.680294Z"}, {"uuid": "344c40e6-3340-4263-85c2-67ffb7a2a27d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mmrvjmqiyx2u", "content": "\ud83d\uded1 CVE-2025-34291\n\nCVSS 9.4 / EPSS 30% / KEV\nTL;DR: Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and\u2026\nhttps://cvesentinel.com/report/CVE-2025-34291?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-05-26T21:06:42.429327Z"}, {"uuid": "b45edffc-5cee-4e6b-bc2f-acf2708c6fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mmrvjyxdaj2s", "content": "\ud83d\uded1 CVE-2025-34291\n\nCVSS 9.4 / EPSS 30% / KEV\nTL;DR: Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and\u2026\nhttps://cvesentinel.com/report/CVE-2025-34291?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-05-26T21:06:55.103383Z"}, {"uuid": "7c72e5a1-77a0-4742-8314-9f317cbf0a8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mocwrua7pv2k", "content": "Any unpatched Langflow instance is being scanned by Iranian APT MuddyWater right now. CVE-2025-34291 (CVSS 9.4) gives full code execution and exposes every API key in the workspace, cascading into connected cloud services. CISA has set the federal patch deadline at June 4.", "creation_timestamp": "2026-06-15T09:09:39.558952Z"}, {"uuid": "630f42fe-fc7f-4758-9803-b0488b66c216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3moln2wcggs2q", "content": "CISA Adds Two Known Exploited Vulnerabilities to Catalog\nRelease Date May 21, 2026\n\nCVE-2025-34291 Langflow Origin Validation Error Vulnerability\nCVE-2026-34926 Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability", "creation_timestamp": "2026-06-18T20:09:44.710155Z"}, {"uuid": "6917a964-ab63-4eea-befe-478f4b6a591c", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d65f95ac-904d-4d6e-a76f-56217a49e605", "content": "", "creation_timestamp": "2026-06-19T12:45:11.860599Z"}, {"uuid": "da6bb368-fa5b-4810-971b-694d10451847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mopx5wsnxk2s", "content": "\u7c73\u5f53\u5c40\u3001\u300cLangflow\u300d\u3084\u300cApex One\u300d\u306e\u8106\u5f31\u6027\u60aa\u7528\u306b\u6ce8\u610f\u559a\u8d77\n\n\u7c73\u5f53\u5c40\u306f\u3001\u30ed\u30fc\u30b3\u30fc\u30c9\u958b\u767a\u30c4\u30fc\u30eb\u3084\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56\u88fd\u54c1\u306e\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\u3068\u3057\u3001\u6ce8\u610f\u559a\u8d77\u3092\u884c\u3063\u305f\u3002\n\n\u7c73\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u73fe\u5730\u6642\u95932026\u5e745\u670821\u65e5\u3001\u300cCVE-2025-34291\u300d\u300cCVE-2026-34926\u300d\u306e\u8106\u5f31\u6027\u3092\u300c\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u305f\u8106\u5f31\u6027\u30ab\u30bf\u30ed\u30b0\uff08KEV\uff09\u300d\u3078\u8ffd\u52a0\u3057\u305f\u3002\n\n\u300cCVE-2025-34291\u300d\u306f\u3001\u30ed\u30fc\u30b3\u30fc\u30c9\u958b\u767a\u30c4\u30fc\u30eb\u300cLangflow\u300d\u306b\u5224\u660e\u3057\u305f\u30aa\u30ea\u30b8\u30f3\u691c\u8a3c\u4e0d\u5099\u306b\u8d77\u56e0\u3059\u308b\u8106\u5f31\u6027\u30022025\u5e7412\u6708\u306b\u5831\u544a\u3055\u308c\u305f\u3002\n\n\u30c9\u30e1\u30a4\u30f3\u3092\u307e\u305f\u304c\u308b\u901a\u4fe1\u5148\u306e...", "creation_timestamp": "2026-06-20T13:21:03.882810Z"}, {"uuid": "dc7cc3df-c3b3-48ce-b0c3-48379ef9503a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mopy4r7tvk2s", "content": "CISA\u304cLangflow\u3068Trend Micro Apex One\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u3092KEV\u306b\u8ffd\u52a0\n\n\u7c73\u56fd\u306e\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u6728\u66dc\u65e5\u3001 Langflow\u3068Trend Micro Apex One\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u308b2\u3064\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4e0a\u306e\u6b20\u9665\u3092\u3001\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\u8a3c\u62e0\u304c\u3042\u308b\u3068\u3057\u3066\u3001\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\uff08KEV\uff09\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3057\u305f\u3002\n\n\u554f\u984c\u3068\u306a\u3063\u3066\u3044\u308b\u8106\u5f31\u6027\u306f\u4ee5\u4e0b\u306e\u3068\u304a\u308a\u3067\u3059\u3002\n\nCVE-2025-34291\uff08CVSS\u30b9\u30b3\u30a2\uff1a9.4\uff09 - Langflow\u306b\u304a\u3051\u308b\u30aa\u30ea\u30b8\u30f3\u691c\u8a3c\u30a8\u30e9\u30fc\u306e\u8106\u5f31\u6027\u3002\u653b\u6483\u8005\u304c\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3057\u3001\u30b7\u30b9\u30c6\u30e0\u5168\u4f53\u3092\u4fb5\u5bb3\u3059...", "creation_timestamp": "2026-06-20T13:38:21.090342Z"}, {"uuid": "abee3a87-4729-4ef0-a073-2d7f873d7abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mopyvoxdrs2s", "content": "\u7c73\u56fd\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30ea\u30b9\u30c8\u306b\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed\u306eApex One\u3068Langflow\u3092\u8ffd\u52a0\u3057\u305f\u3002\n\n\u7c73\u56fd\u306e\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09 \u306f\u3001Windows Shell\u3068ConnectWise ScreenConnect\u306e\u8106\u5f31\u6027\u3092\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\uff08KEV\uff09\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3057\u305f\u3002\n\n\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3055\u308c\u305f\u4e0d\u5177\u5408\u306f\u4ee5\u4e0b\u306e\u3068\u304a\u308a\u3067\u3059\u3002\n\nCVE-2025-34291  Langflow Origin\u691c\u8a3c\u30a8\u30e9\u30fc\u306e\u8106\u5f31\u6027\nCVE-2026-34926  Trend Micro Apex...", "creation_timestamp": "2026-06-20T13:52:16.505924Z"}, {"uuid": "ca6e00ae-b73d-4bd8-8965-6f79922a93c3", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34291", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/455f8729-4848-40c3-afd3-785bc8bcbbe8", "content": "", "creation_timestamp": "2026-06-23T14:03:37.781328Z"}]}