No new CVEs qualifying for the main findings section were first disclosed within the June 10 3:30 PM to June 11 7:30 AM Eastern coverage window. The period immediately follows the largest Patch Tuesday in Microsoft history (June 9) and falls in a post-cycle publication trough. The primary item of note is CVE-2026-5027 in the Langflow AI development platform, a path traversal vulnerability with confirmed active exploitation and ~7,000 exposed instances, published by BleepingComputer at approximately 5 PM ET on June 10. Langflow is not in the standard enterprise technology inventory; it is documented in the AI Security Intelligence section below. Three previously disclosed, actively exploited vulnerabilities remain on the Active Exploit Watch List: CVE-2026-11645 (Chrome V8, CISA KEV, Day 3 of 7), CVE-2026-50751 (Check Point Security Gateway, CISA KEV, Day 4 of 7), and CVE-2026-42897 (Exchange Server OWA, partial patch covering SE only, ongoing). The sweep log documents four significant pre-window findings that narrowly missed this coverage period: OpenSSL CVE-2026-45447 (HIGH, PKCS7 heap use-after-free, discovered with Claude AI/Anthropic Research), Fortinet CVE-2026-25089 (CVSS 9.1) and Ivanti CVE-2026-10520 (CVSS 10.0), all disclosed June 9, plus the Palo Alto Chromium advisory.
Detailed Findings — Sorted by Severity (Critical → High → Medium → Low)
No New First-Disclosure CVEs for June 11, 2026
No qualifying vulnerabilities were first published in inventory-gate products during the June 10 3:30 PM — June 11 7:30 AM Eastern coverage window. This report follows the record-breaking June 9 Patch Tuesday cycle. The Active Exploit Watch List and AI Security Intelligence section below contain actionable items.
0 Critical · 0 High · 0 Medium
🔴 Watch List: 3 Active Items Below
🤖 AI Section: CVE-2026-5027 Langflow
Summary Table
Columns: Vulnerability · CVE · Product · Published · Severity · CVSS · Exploited · Patch · Priority Action
No qualifying findings for June 11, 2026. See Active Exploit Watch List below and companion sweep log for pre-window exclusions (OpenSSL CVE-2026-45447, Fortinet CVE-2026-25089, Ivanti CVE-2026-10520, Palo Alto Chromium advisory).
🔴 Active Exploit Watch List — Unresolved Exploited Vulnerabilities (Last 7 Days)
CVE-2026-11645: Google Chrome V8 Zero-Day — CISA KEV June 9 · Active Exploitation Confirmed · Chrome/Edge June 9 Patch Required
Status: EXPLOITED · CISA KEV · Day 3 of 7
Product
Google Chrome / Microsoft Edge (Chromium-based) — all platforms
Entered Watch List
June 9, 2026 (CISA KEV)
Patch Status
Available: Chrome/Edge June 9 update. This is separate from Chrome 149 (June 8); both updates are required.
Remove From Watch List
June 16, 2026 (Day 7)
▶ Action Reminder:
Confirm Chrome and Edge June 9 security update is deployed fleet-wide via endpoint telemetry. Verify separately from Chrome 149 (June 8) — both updates are required. Check Microsoft Edge via Windows Update.
CVE-2026-50751: Check Point Security Gateway — CISA KEV June 8 · Active Exploitation Confirmed · Hotfix Available
Status: EXPLOITED · CISA KEV · Day 4 of 7
Product
Check Point Security Gateway R80.20.X – R82.10 with IKEv1 VPN / Mobile Access configured
Entered Watch List
June 8, 2026 — CISA KEV (June 11 federal deadline now passed)
Patch Status
Hotfix available. Apply immediately and disable IKEv1 on all VPN and Mobile Access configurations.
Remove From Watch List
June 15, 2026 (Day 7)
▶ Action Reminder:
CISA BOD 22-01 federal remediation deadline was June 11 — verify compliance. Apply hotfix if not already applied. Disable IKEv1 on all VPN and Mobile Access configurations. Review VPN session logs for Qilin affiliate IoC IPs from May 7 onward.
CVE-2026-42897: Microsoft Exchange Server OWA XSS Zero-Day — Partial Patch (SE Only) · 2016/2019 Without ESU Remain Exposed · Active Exploitation Ongoing
Status: EXPLOITED · CISA KEV · Day 33, Ongoing
Product
Exchange Server 2016 / 2019 / Subscription Edition — on-premises only
Entered Watch List
May 14, 2026 (original disclosure) — active exploitation confirmed
Patch Status — SE
Permanent patch released in the June 9 Patch Tuesday cycle. Apply if not already done.
Patch Status — 2016/2019
ESU licence required for the permanent fix. Without ESU, only the EEMS mitigation M2.1.x is available and there is no permanent fix; organisations with neither ESU nor the mitigation remain fully exposed.
▶ Action Reminder:
SE: Confirm June 9 patch applied. Exchange 2016/2019: Verify EEMS mitigation M2.1.x via Health Checker (aka.ms/ExchangeHealthChecker). Block OWA from legacy IE/Edge compat mode clients. Review OWA session logs for anomalous forwarding rules or bulk mail reads. This entry remains on the watch list until all Exchange 2016/2019 environments receive a permanent fix or migrate to Exchange Online.
🤖 AI Security Intelligence — Vulnerabilities & Industry Briefing
AI Vulnerability Alert
CVE-2026-5027: Langflow AI Development Platform — Path Traversal Actively Exploited · ~7,000 Exposed Instances · Patch v1.10.0 Released June 10 · MuddyWater Prior Activity Pattern (AI Platform Infrastructure)
Status: AI Platform · EXPLOITED · CVSS 8.8
Affected Product
Langflow — open-source low-code AI application development platform. Used by AI/ML development teams to build AI agents, RAG systems, and MCP-based workflows. 149,000+ GitHub stars, 9,200+ forks. Inventory note: AI platform — included per Section 13 rules regardless of technology inventory.
CVSS Score
8.8 High — CWE-22 Path Traversal. Vector as published: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. Unauthenticated remote exploitation. Note that this vector scores 9.8 under CVSS v3.1; a base score of 8.8 corresponds to PR:L (low privileges). Confirm the score and vector against the vendor advisory before prioritising; the unauthenticated in-the-wild exploitation reported below is the operative fact either way.
Actively Exploited
YES — in-the-wild exploitation confirmed by VulnCheck. ~7,000 publicly exposed Langflow instances identified by Censys. Historical context: Iranian threat group MuddyWater previously exploited Langflow CVE-2025-3248.
Technical Detail
The POST /api/v2/files endpoint fails to sanitize the 'filename' parameter in multipart form data, allowing path traversal sequences (../) to write arbitrary files anywhere on the filesystem. Exploitation enables writing web shells, configuration tampering, or overwriting Python source files for persistent code execution. No authentication required.
Patch Available
Yes — v1.10.0 released June 10, 2026. Upgrade immediately via pip or Docker. Tenable discovered the flaw in January 2026 and disclosed it on March 27 after three failed contact attempts with the maintainers.
Prior Langflow Exploitation Pattern
This is the fifth Langflow CVE targeted in the wild since late 2025: CVE-2025-3248 (CISA KEV, MuddyWater) · CVE-2026-0770 · CVE-2026-21445 · CVE-2026-33017 — all exploited. Langflow is a persistent high-value target for actors seeking AI infrastructure access.
▶ Action (AI Infrastructure Teams):
1. Upgrade all Langflow deployments to v1.10.0 immediately: pip install langflow --upgrade or pull the latest Docker image.
2. If immediate upgrade is not possible, restrict the POST /api/v2/files endpoint at the network or application layer as an interim measure.
3. Audit Langflow deployment logs for path traversal patterns in the filename parameter ('../' sequences, including percent-encoded forms such as %2e%2e%2f and double-encoded %252e%252e%252f) starting from June 1, 2026; exploitation may predate public disclosure. Standard HTTP access logs record the request line but not multipart form fields, so the filename has to be checked in application logs or in reverse-proxy/WAF logs that capture request bodies.
4. Review all files created on Langflow host systems since June 1 for unexpected additions, particularly in web-accessible directories or Python package paths.
5. Assess whether any Langflow deployment has API keys, LLM provider credentials, or database credentials in its configuration — these are the primary post-exploitation targets given the MuddyWater pattern.
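As an added example (not Langflow's code and not an exploit for CVE-2026-5027), the following Python pairs the hardened filename handling implied by the technical detail above with the log triage from action item 3. The endpoint path /api/v2/files and the 'filename' parameter come from the report; the upload root, the log line layout and the sample IPs and timestamps are assumptions. The scanner percent-decodes (repeatedly) before matching, which a literal '../' grep would miss.

```python
"""Added example for the CVE-2026-5027 write-up; this is not Langflow project code.

It pairs the technical detail above with action item 3:
  * safe_upload_path() is the hardened counterpart of the unsanitised 'filename'
    handling the report describes (decode, reject path components, allow-list).
  * scan_access_log() triages constructed sample log lines for traversal in the
    multipart filename, including percent-encoded and double-encoded forms.
Assumptions, not from the report: the log line layout, the upload root
/var/lib/langflow/uploads, and the sample IPs and timestamps.
"""
import os
import posixpath
import re
from pathlib import Path
from urllib.parse import unquote

FILES_ENDPOINT = "/api/v2/files"                 # endpoint named in the report
UPLOAD_ROOT = Path("/var/lib/langflow/uploads")  # assumed deployment path
TRAVERSAL_RE = re.compile(r"(?:^|/)\.\.(?:/|$)")  # a '..' path component
SAFE_NAME_RE = re.compile(r"[A-Za-z0-9._-]{1,255}")

def decode_fully(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable ('%252e%252e%252f' -> '../') and fold
    backslashes to '/' so Windows-style traversal is visible too."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def vulnerable_upload_path(filename: str, root: Path = UPLOAD_ROOT) -> Path:
    """The unsafe pattern: joining the client-controlled filename verbatim."""
    return root / filename

def escapes_root(filename: str, root: Path = UPLOAD_ROOT) -> bool:
    """Normalise the vulnerable join and report whether it left the root."""
    root_str = os.path.normpath(str(root))
    target = os.path.normpath(str(vulnerable_upload_path(filename, root)))
    return os.path.commonpath([root_str, target]) != root_str

def safe_upload_path(filename: str, root: Path = UPLOAD_ROOT) -> Path:
    """Hardened: decode, require a bare allow-listed name, then re-check that
    the joined path is still inside root (defence in depth)."""
    decoded = decode_fully(filename)
    if "\x00" in decoded:
        raise ValueError("NUL byte in filename")
    if posixpath.basename(decoded) != decoded or decoded in ("", ".", ".."):
        raise ValueError(f"filename contains path components: {filename!r}")
    if not SAFE_NAME_RE.fullmatch(decoded):
        raise ValueError(f"filename has disallowed characters: {filename!r}")
    root_str = os.path.normpath(str(root))
    target = os.path.normpath(os.path.join(root_str, decoded))
    if os.path.commonpath([root_str, target]) != root_str:
        raise ValueError(f"resolved outside upload root: {filename!r}")
    return Path(target)

def is_rejected(filename: str) -> bool:
    """True if safe_upload_path refuses the name."""
    try:
        safe_upload_path(filename)
    except ValueError:
        return True
    return False

# Constructed sample; the layout is an assumption:
#   <iso-timestamp> <client-ip> <method> <path> <status> filename="<multipart filename>" | -
SAMPLE_LOG = """\
2026-06-10T18:02:11Z 203.0.113.7 POST /api/v2/files 201 filename="report.pdf"
2026-06-10T18:02:39Z 203.0.113.7 POST /api/v2/files 201 filename="../../../../app/langflow/__init__.py"
2026-06-10T18:03:02Z 198.51.100.9 POST /api/v2/files 201 filename="..%2F..%2F..%2F..%2Fetc%2Fcron.d%2Fjob"
2026-06-10T18:05:40Z 192.0.2.4 GET /api/v2/flows 200 -
2026-06-10T18:06:00Z 198.51.100.9 POST /api/v2/files 201 filename="%252e%252e/%252e%252e/var/www/html/shell.php"
2026-05-20T09:00:00Z 198.51.100.9 POST /api/v2/files 201 filename="../old-before-window"
"""

LOG_RE = re.compile(
    r'^(?P<ts>\S+) (?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3}) '
    r'(?:filename="(?P<filename>[^"]*)"|-)$'
)

def scan_access_log(text: str, since: str = "2026-06-01") -> list[dict]:
    """One record per POST to the files endpoint whose multipart filename
    decodes to a traversal attempt, at or after `since` (ISO-8601 sorts lexically)."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST" or m["path"] != FILES_ENDPOINT:
            continue
        if m["filename"] is None or m["ts"] < since:
            continue
        decoded = decode_fully(m["filename"])
        if TRAVERSAL_RE.search(decoded) or "\x00" in decoded:
            hits.append({"ts": m["ts"], "ip": m["ip"], "raw": m["filename"], "decoded": decoded})
    return hits

if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["ip"]} {hit["raw"]!r} -> {hit["decoded"]!r}')
```

Run directly, it lists the three traversal attempts in the constructed sample (the May 20 line is outside the June 1 window and the plain report.pdf upload is benign). In a real triage, point scan_access_log at whatever log actually records the multipart filename, since a plain HTTP access log only carries the request line.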
OpenSSL Advisory 20260609 — Notable Context: CVE-2026-45447 Discovered with Claude AI / Anthropic Research
The June 9, 2026 OpenSSL security advisory (20260609.txt), published just before this coverage window, includes CVE-2026-45447, a HIGH-severity heap use-after-free in the PKCS7_verify() function that may allow remote code execution via crafted S/MIME messages. The vulnerability was discovered by a researcher at Calif in collaboration with Claude AI and Anthropic Research, and reported to the OpenSSL project on April 16, 2026. This marks one of the first publicly credited instances of Claude/Anthropic AI tools being used to discover a production vulnerability in critical open-source cryptographic infrastructure. The disclosure is consistent with Anthropic's published capability reporting that Claude Mythos (internal frontier model) demonstrated strong performance in vulnerability discovery across source code analysis, reverse engineering, and live-site validation. The primary advisory and all mandatory source coverage of CVE-2026-45447 fall on June 9, outside the current coverage window; it is fully documented in the companion sweep log. Enterprise teams running OpenSSL 3.0 through 4.0 in email infrastructure that processes S/MIME signatures should apply the June 9 patches (3.0.21, 3.4.6, 3.5.7, 3.6.3, 4.0.1) if not already deployed; a branch with no fixed release listed should be treated as unpatched.
AI Platform Vulnerability Pattern — Langflow as Persistent Target
The fifth Langflow CVE exploited in the wild in under eight months signals that AI development infrastructure has become a stable, high-value target category for threat actors seeking access to AI systems, credentials, and the data they process. The progression from CVE-2025-3248 (MuddyWater, Iranian threat group) through CVE-2026-5027 demonstrates a pattern consistent with persistent offensive interest in Langflow-hosted AI agents and the LLM API credentials they hold. Organisations that deploy Langflow — or similar AI development platforms such as n8n, LiteLLM, Flowise, or custom FastAPI-based AI agent servers — should treat these as high-value targets requiring the same patching urgency as externally facing web application firewalls and VPN gateways. The primary risk of compromise is not server takeover per se but access to the LLM provider API keys, database credentials, and sensitive data that AI agent platforms are configured to access.