ELEVATED 7 min read 13 Jun 2026

Langflow CVE-2026-5027 And PeopleSoft CVE-2026-35273 Drive 13 June Exposure Checks

Today's intelligence contains 17 NEW findings and 5 UPDATED findings. The priority is routing: send the PeopleSoft UK victim update, Ivanti Sentry patch pressure, EU advisories, and developer-platform exposure checks to accountable owners.

Key findings

  • Finding 1 (CRITICAL, confidence Medium): Langflow CVE-2026-5027 Is Exploited For Unauthenticated RCE. The 13 June intelligence reports exploited unauthenticated remote code execution in Langflow before 1.9.0. The first checks are exposed Langflow deployments, /api/v2/files reachability, suspicious file writes, and update status.
  • Update (HIGH, confidence High): Oracle PeopleSoft CVE-2026-35273 Names University Of Nottingham In Current Reporting. Oracle says CVE-2026-35273 is remotely exploitable without authentication. Google/Mandiant attributes education-sector exploitation to ShinyHunters/UNC6240, The Hacker News reports on the exploitation activity, and CyberScoop names the University of Nottingham as a victim.
  • Finding 2 (MEDIUM, confidence Medium): MongoDB CVE-2026-11933 Gets BSI And CERT-FR Patch Routing. BSI CERT-Bund and CERT-FR published MongoDB advisories for CVE-2026-11933. CERT-FR lists affected Core Server branches before 4.4.31, 5.0.34, 6.0.29, 7.0.37, 8.0.26, 8.2.11, and 8.3.4.
  • Finding 3 (MEDIUM, confidence Medium): Spring Cloud Gateway And Sleuth CVE-2026-41708 Span BSI And CERT-FR. BSI lists a high VMware Tanzu Spring Cloud Gateway and Sleuth advisory, and CERT-FR provides additional affected-branch and vendor-reference detail. Affected branches: Cloud Gateway before 3.1.13, 4.2.9, 4.3.4.1/4.3.5, and 5.0.1.1/5.0.2, plus Cloud Sleuth before 3.1.14.
  • Update (MEDIUM, confidence Medium): Ivanti Sentry CVE-2026-10520 Has Active-Exploitation Patch Pressure. BleepingComputer reports that CISA ordered federal agencies to patch actively exploited CVE-2026-10520 within three days. The Register and The Hacker News provide patch context for Ivanti Sentry before R10.5.2, R10.6.2, and R10.7.1.
  • Update (MEDIUM, confidence Medium): ServiceNow No-CVE Issue Queried Tables In A Subset Of Customer Instances. ServiceNow reported a hosted update and a trust notification for an issue that allowed successful table queries against a subset of customer instances. The intelligence does not name a CVE for this issue.
  • Finding 4 (LOW, confidence Low / Unverified): Fortinet FortiPortal NCSC-2026-0197 Needs Appliance Owner Review. NCSC-NL reports a FortiPortal issue affecting versions 7.0 through 7.4.7 where API endpoints may expose sensitive network configuration data to an external attacker with an organisation-user role. The intelligence does not establish active exploitation.
  • Finding 5 (LOW, confidence Low / Unverified): Chrome CVE-2026-12007 / WID-SEC-2026-1893 Enters Managed Browser Routing. CERT-Bund published a high Google Chrome multi-vulnerability advisory with alias expansion from CVE-2026-12007 through related CVE-2026-12035 entries. The action is managed-browser update validation, especially on admin workstations and other high-risk endpoints.
  • Finding 6 (LOW, confidence Low / Unverified): Keycloak Admin-UI-Ext CVE-2026-11986 Is Unpatched In CERT-Bund Routing. CERT-Bund published a Keycloak admin-ui-ext advisory flagged unpatched and tied to file manipulation risk. Identity owners should inventory admin-ui-ext use and apply compensating controls whilst patch status is unresolved.
  • Finding 7 (LOW, confidence Low / Unverified): IBM i CVE-2026-7870 Enters EU Owner Routing. BSI CERT-Bund lists IBM i as high severity with arbitrary program-code execution using administrator rights. The intelligence supports owner identification and patch validation; it does not add exploitation evidence.
  • Finding 8 (LOW, confidence Low / Unverified): Snappy CVE-2026-46683 Covers SSRF And Local File Read. MSRC published CVE-2026-46683 for a Snappy issue involving SSRF and local file read through xsl-style-sheet option handling. Attribution for this item is MSRC; do not substitute GitHub release pages as the source of record.
  • Finding 9 (LOW, confidence Low / Unverified): Snappy CVE-2026-46643 Covers Binary Path Escaping. MSRC published CVE-2026-46643 for a Snappy binary path issue where shell escaping can fail due to an inverted executable check. This item is also attributed to MSRC.
  • Finding 10 (LOW, confidence Low / Unverified): Budibase CVE-2026-48150 Allows Workspace Builders To Become Global Admins. GitHub Advisory Database published a critical Budibase Enterprise issue where a workspace-scoped builder can use the public role-assignment API to promote users to global builder or global admin. The fixed version named in the intelligence is @budibase/server 3.39.0.
  • Finding 11 (LOW, confidence Low / Unverified): File Browser CVE-2026-54091 Exposes Blocked Paths In Public Shares. GitHub Advisory Database published CVE-2026-54091 for a File Browser public-share authorisation issue. The advisory describes checks being evaluated against rebased paths, allowing unauthenticated access to blocked child content under an exposed directory share.
  • Finding 12 (LOW, confidence Low / Unverified): GeoServer CVE-2025-52465 Can Write Master-Password Dump Output To Arbitrary Paths. GitHub Advisory Database published CVE-2025-52465 for GeoServer. An authenticated administrator can pass arbitrary absolute filenames to the master-password dump page and create plaintext password files where the GeoServer process can write.
  • Finding 13 (LOW, confidence Low / Unverified): File Browser CVE-2026-54094 Breaks File-Boundary Controls Through Symlinks. GitHub Advisory Database published CVE-2026-54094 for a File Browser symlink scope escape. Scoped users can read, write, share, or list files outside the intended File Browser scope when symlinks exist inside the scoped tree.
  • Finding 14 (LOW, confidence Low / Unverified): GeoServer CVE-2025-58175 SSRF Depends On XML Entity And Proxy-Base Configuration. GitHub Advisory Database published CVE-2025-58175 for a GeoServer SSRF issue involving XML entity resolution and proxy base URL configuration. Patch gs-web-app and gs-main to 2.26.4 or 2.27.3.
  • Finding 15 (LOW, confidence Low / Unverified): File Browser CVE-2026-54093 Affects Windows Extraction Workflows. GitHub Advisory Database published CVE-2026-54093 for File Browser archive traversal. File Browser can preserve Windows-style backslash traversal in ZIP/TAR entries, allowing low-privileged uploaders to create archives that write outside the extraction directory on Windows.
  • Finding 16 (LOW, confidence Low / Unverified): File Browser CVE-2026-54090 Allows Command-Execution Allowlist Bypass. GitHub Advisory Database published CVE-2026-54090 for a File Browser command-execution allowlist bypass involving shell metacharacter handling. Prioritise deployments where command execution is enabled or delegated to lower-privileged users.
  • Finding 17 (LOW, confidence Low / Unverified): CERT-Bund Langflow CVE-2026-33760 Adds A Separate High Advisory. CERT-Bund also published a high Langflow advisory for CVE-2026-33760, with alias resolution surfacing CVE-2026-42867 and GHSA identifiers.

Finding 1: Langflow CVE-2026-5027 Is Exploited For Unauthenticated RCE

Confidence: Medium

The 13 June intelligence reports exploited unauthenticated remote code execution in Langflow before 1.9.0. The first checks are exposed Langflow deployments, /api/v2/files reachability, suspicious file writes, and update status.

This belongs with developer-platform owners rather than a general vulnerability queue. AI workflow systems often sit close to credentials, data pipelines, and automation paths, so exposed self-hosted instances deserve fast validation. Source: https://thehackernews.com/2026/06/unpatched-langflow-flaw-cve-2026-5027.html.

Finding 2: MongoDB CVE-2026-11933 Gets BSI And CERT-FR Patch Routing

Confidence: Medium

BSI CERT-Bund and CERT-FR published MongoDB advisories for CVE-2026-11933. CERT-FR lists affected Core Server branches before 4.4.31, 5.0.34, 6.0.29, 7.0.37, 8.0.26, 8.2.11, and 8.3.4.

Database owners should map those ranges to managed MongoDB estates and track MongoDB SERVER-128125 where it is already part of patch tracking. The version detail is specific enough for assignment to the database team. Sources: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1906 ; https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0741/.
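Several items in this brief (MongoDB, Spring Cloud Gateway, Ivanti Sentry, File Browser) describe exposure as "before X" across parallel maintenance branches, and mapping an inventory onto that shape is where triage mistakes happen: a 6.0.28 build is affected, a 6.0.29 build is not, and an 8.1.x build is not covered by the list at all. The following added example, written for this brief and not vendor tooling, does that mapping. The fixed-version lists are copied from the brief; treating the first two components as the maintenance branch, using the lowest listed fix in a branch as the threshold (so a backport such as 4.3.4.1 counts), and reporting unlisted branches as "unknown" rather than guessing are this script's assumptions. The inventory in the `__main__` block is constructed.

```python
"""Branch-aware 'before X' triage for the fixed-version lists in this brief (added example)."""
import json
import re

# Fixed versions as stated in the brief
MONGODB_CVE_2026_11933 = ["4.4.31", "5.0.34", "6.0.29", "7.0.37", "8.0.26", "8.2.11", "8.3.4"]
SPRING_CLOUD_GATEWAY_CVE_2026_41708 = ["3.1.13", "4.2.9", "4.3.4.1", "4.3.5", "5.0.1.1", "5.0.2"]
IVANTI_SENTRY_CVE_2026_10520 = ["R10.5.2", "R10.6.2", "R10.7.1"]


def parse(version):
    """'R10.6.1' -> (10, 6, 1); '4.3.4.1' -> (4, 3, 4, 1). Letter prefixes and tags are dropped."""
    return tuple(int(n) for n in re.findall(r"\d+", version))


def branch(version):
    """Maintenance branch = first two numeric components (assumption), e.g. 6.0 for 6.0.28."""
    return parse(version)[:2]


def triage(installed, fixed_versions):
    """Return 'affected', 'fixed' or 'unknown' for one installed version.

    Python compares tuples element-wise and treats a shorter tuple as smaller
    when it is a prefix, so (4, 3, 4) < (4, 3, 4, 1) holds and a backport fix
    such as 4.3.4.1 is handled without special cases."""
    fixes_in_branch = [parse(f) for f in fixed_versions if branch(f) == branch(installed)]
    if not fixes_in_branch:
        return "unknown"            # branch not in the advisory: needs a human decision
    return "affected" if parse(installed) < min(fixes_in_branch) else "fixed"


def triage_inventory(inventory, fixed_versions):
    """inventory: {host: version} -> {host: status}, with affected hosts first,
    then unknown, then fixed, so the top of the output is the work queue."""
    order = {"affected": 0, "unknown": 1, "fixed": 2}
    result = {host: triage(ver, fixed_versions) for host, ver in inventory.items()}
    return dict(sorted(result.items(), key=lambda item: (order[item[1]], item[0])))


if __name__ == "__main__":
    # Constructed inventory for demonstration only
    mongo_hosts = {"db-01": "6.0.28", "db-02": "6.0.29", "db-03": "8.1.3", "db-04": "5.0.33"}
    sentry_hosts = {"sentry-edge-1": "R10.6.1", "sentry-edge-2": "R10.7.1"}
    print(json.dumps({
        "mongodb CVE-2026-11933": triage_inventory(mongo_hosts, MONGODB_CVE_2026_11933),
        "ivanti sentry CVE-2026-10520": triage_inventory(sentry_hosts, IVANTI_SENTRY_CVE_2026_10520),
    }, indent=2))
```

Feed it the version strings your inventory already holds; the point of the "unknown" state is that a branch the advisory does not mention (an end-of-life line, or a newer line the advisory predates) is a question for the vendor page, not something the script should silently mark safe.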

Finding 3: Spring Cloud Gateway And Sleuth CVE-2026-41708 Span BSI And CERT-FR

Confidence: Medium

BSI lists a high VMware Tanzu Spring Cloud Gateway and Sleuth advisory, and CERT-FR provides additional affected-branch and vendor-reference detail. Affected branches: Cloud Gateway before 3.1.13, 4.2.9, 4.3.4.1/4.3.5, and 5.0.1.1/5.0.2, plus Cloud Sleuth before 3.1.14.

Spring owners should treat this as a targeted platform-routing task. Prioritise externally exposed gateway deployments and any service path where the gateway controls authentication or upstream access. Sources: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1901 ; https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0744/ ; https://spring.io/security/cve-2026-41708.

Finding 4: Fortinet FortiPortal NCSC-2026-0197 Needs Appliance Owner Review

Confidence: Low / Unverified

NCSC-NL reports a FortiPortal issue affecting versions 7.0 through 7.4.7 where API endpoints may expose sensitive network configuration data to an external attacker with an organisation-user role. The intelligence does not establish active exploitation.

Route this to Fortinet appliance owners for exposure, role model, and fixed-version checks. Keep escalation tied to local FortiPortal presence and API reachability. Source: https://advisories.ncsc.nl/advisory?id=NCSC-2026-0197.

Finding 5: Chrome CVE-2026-12007 / WID-SEC-2026-1893 Enters Managed Browser Routing

Confidence: Low / Unverified

CERT-Bund published a high Google Chrome multi-vulnerability advisory with alias expansion from CVE-2026-12007 through related CVE-2026-12035 entries. The action is managed-browser update validation, especially on admin workstations and other high-risk endpoints.

This is a deployment-compliance check, not an exploitation claim in today's intelligence. Source: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1893.

Finding 6: Keycloak Admin-UI-Ext CVE-2026-11986 Is Unpatched In CERT-Bund Routing

Confidence: Low / Unverified

CERT-Bund published a Keycloak admin-ui-ext advisory flagged unpatched and tied to file manipulation risk. Identity owners should inventory admin-ui-ext use and apply compensating controls whilst patch status is unresolved.

Because this affects identity administration surfaces, the practical priority depends on whether the extension is deployed and reachable in privileged environments. Source: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1894.

Finding 7: IBM i CVE-2026-7870 Enters EU Owner Routing

Confidence: Low / Unverified

BSI CERT-Bund lists IBM i as high severity with arbitrary program-code execution using administrator rights. The intelligence supports owner identification and patch validation; it does not add exploitation evidence.

IBM i estates can be easy to miss in standard infrastructure queues. Assign a platform owner, validate affected versions against BSI, and record mitigation or patch status. Source: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1903.

Finding 8: Snappy CVE-2026-46683 Covers SSRF And Local File Read

Confidence: Low / Unverified

MSRC published CVE-2026-46683 for a Snappy issue involving SSRF and local file read through xsl-style-sheet option handling. Attribution for this item is MSRC; do not substitute GitHub release pages as the source of record.

Dependency owners should check whether Snappy processing can touch attacker-controlled input and then confirm patched package or vendor guidance. Source: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46683.

Finding 9: Snappy CVE-2026-46643 Covers Binary Path Escaping

Confidence: Low / Unverified

MSRC published CVE-2026-46643 for a Snappy binary path issue where shell escaping can fail due to an inverted executable check. This item is also attributed to MSRC.

Route it to dependency owners together with CVE-2026-46683, especially where document conversion or rendering paths accept untrusted input. Source: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46643.

Finding 10: Budibase CVE-2026-48150 Allows Workspace Builders To Become Global Admins

Confidence: Low / Unverified

GitHub Advisory Database published a critical Budibase Enterprise issue where a workspace-scoped builder can use the public role-assignment API to promote users to global builder or global admin. The fixed version named in the intelligence is @budibase/server 3.39.0.

Low-code platform owners should check enterprise deployments before 3.39.0 and review who can create or manage workspace builder accounts. Source: https://github.com/advisories/GHSA-6xp4-cf37-ppjh.

Finding 11: File Browser CVE-2026-54091 Exposes Blocked Paths In Public Shares

Confidence: Low / Unverified

GitHub Advisory Database published CVE-2026-54091 for a File Browser public-share authorisation issue. The advisory describes checks being evaluated against rebased paths, allowing unauthenticated access to blocked child content under an exposed directory share.

Check File Browser v1 <= 1.11.0 and v2 <= 2.63.5; the v2 patch named in the intelligence is 2.63.6. Sources: https://github.com/advisories/GHSA-j9jx-hp4c-ghhh ; https://github.com/filebrowser/filebrowser/releases/tag/v2.63.6.

Finding 12: GeoServer CVE-2025-52465 Can Write Master-Password Dump Output To Arbitrary Paths

Confidence: Low / Unverified

GitHub Advisory Database published CVE-2025-52465 for GeoServer. An authenticated administrator can pass arbitrary absolute filenames to the master-password dump page and create plaintext password files where the GeoServer process can write.

Patch gs-web-app and gs-web-sec-core from <= 2.26.3 or 2.27.0-2.27.2 to 2.26.4 or 2.27.3. Source: https://github.com/advisories/GHSA-7qmg-grcp-qf25.

Finding 13: File Browser CVE-2026-54094 Breaks File-Boundary Controls Through Symlinks

Confidence: Low / Unverified

GitHub Advisory Database published CVE-2026-54094 for a File Browser symlink scope escape. Scoped users can read, write, share, or list files outside the intended File Browser scope when symlinks exist inside the scoped tree.

Check File Browser v1 <= 1.11.0 and v2 <= 2.63.13; the v2 patch named in the intelligence is 2.63.14. Sources: https://github.com/advisories/GHSA-239w-m3h6-ch8v ; https://github.com/filebrowser/filebrowser/releases/tag/v2.63.14.

Finding 14: GeoServer CVE-2025-58175 SSRF Depends On XML Entity And Proxy-Base Configuration

Confidence: Low / Unverified

GitHub Advisory Database published CVE-2025-58175 for a GeoServer SSRF issue involving XML entity resolution and proxy base URL configuration. Patch gs-web-app and gs-main to 2.26.4 or 2.27.3.

Teams using proxy base URLs should also ensure the configured URLs include a path or trailing slash where applicable. Source: https://github.com/advisories/GHSA-x4r9-gmw3-hxww.

Finding 15: File Browser CVE-2026-54093 Affects Windows Extraction Workflows

Confidence: Low / Unverified

GitHub Advisory Database published CVE-2026-54093 for File Browser archive traversal. File Browser can preserve Windows-style backslash traversal in ZIP/TAR entries, allowing low-privileged uploaders to create archives that write outside the extraction directory on Windows.

Check File Browser v1 <= 1.11.0 and v2 <= 2.63.5; the v2 patch named in the intelligence is 2.63.6. Sources: https://github.com/advisories/GHSA-gxjx-7m74-hcq8 ; https://github.com/filebrowser/filebrowser/releases/tag/v2.63.6.

Finding 16: File Browser CVE-2026-54090 Allows Command-Execution Allowlist Bypass

Confidence: Low / Unverified

GitHub Advisory Database published CVE-2026-54090 for a File Browser command-execution allowlist bypass involving shell metacharacter handling. Prioritise deployments where command execution is enabled or delegated to lower-privileged users.

This should be routed alongside the other File Browser items because the same owner can usually validate version exposure and feature use in one pass. Source: https://github.com/advisories/GHSA-8c9q-7855-wfxq.
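The four File Browser items above are three recurring bug classes in any file-serving application: a scope check done on the lexical path rather than the resolved one (symlink escape), archive entry names normalised after the traversal check instead of before it (backslash traversal), and a command allowlist matched against text that is later handed to a shell (metacharacter bypass). The following is an added Python example of the server-side checks that close each class; File Browser itself is a Go project and this is not its code, nor a description of its internals. The directory layout, the allowlist of `ls`, `du` and `file`, and the sample inputs in `demo()` are constructed for the demonstration, and it relies on `ls` being present.

```python
"""Server-side checks for symlink scope escape, archive traversal and command
allowlisting (added example, not File Browser code)."""
import os
import posixpath
import re
import shlex
import shutil
import subprocess
import tempfile

ALLOWED_COMMANDS = {"ls", "du", "file"}   # constructed allowlist of bare command names


def resolve_in_scope(scope_root, user_path):
    """Return the resolved path if it is still under scope_root once symlinks are
    followed, else None. A lexical prefix check accepts 'link/secret.txt' when
    'link' points outside the scope; comparing os.path.realpath results does not."""
    root = os.path.realpath(scope_root)
    candidate = os.path.realpath(os.path.join(root, user_path.lstrip("/")))
    if candidate == root or candidate.startswith(root + os.sep):
        return candidate
    return None


def safe_member_path(dest_dir, member_name):
    """Map an archive entry name onto dest_dir, or return None if it would land
    outside. Backslashes become separators *before* traversal is evaluated, so an
    entry written as 'a\\..\\..\\evil.txt' is rejected on every platform."""
    name = member_name.replace("\\", "/")
    if posixpath.isabs(name) or re.match(r"^[A-Za-z]:", name):
        return None                                   # absolute or drive-letter entry
    norm = posixpath.normpath(name)
    if norm in (".", "..") or norm.startswith("../"):
        return None                                   # climbs above the extraction root
    dest = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(dest, *norm.split("/")))
    return target if target.startswith(dest + os.sep) else None


def run_allowlisted(command_line, cwd, timeout=5):
    """Parse with shlex (no shell), accept only a bare argv[0] on the allowlist,
    and hand argv straight to exec. ';', '&&', '|' and '$(...)' are then ordinary
    argument text and are never interpreted. Returns (argv, returncode, stdout)."""
    argv = shlex.split(command_line)
    if not argv or os.path.basename(argv[0]) != argv[0] or argv[0] not in ALLOWED_COMMANDS:
        raise ValueError(f"command not allowed: {command_line!r}")
    proc = subprocess.run(argv, cwd=cwd, capture_output=True, text=True,
                          timeout=timeout, check=False)
    return argv, proc.returncode, proc.stdout


def _rejected(command_line, cwd):
    try:
        run_allowlisted(command_line, cwd)
        return False
    except ValueError:
        return True


def demo():
    """Build a constructed scope containing a symlink that points outside it,
    run each check, and return a dict of boolean outcomes."""
    base = tempfile.mkdtemp(prefix="fb-demo-")
    try:
        scope, outside = os.path.join(base, "scope"), os.path.join(base, "outside")
        os.makedirs(scope)
        os.makedirs(outside)
        with open(os.path.join(outside, "secret.txt"), "w", encoding="utf-8") as fh:
            fh.write("constructed secret\n")
        with open(os.path.join(scope, "readme.txt"), "w", encoding="utf-8") as fh:
            fh.write("constructed readme\n")
        os.symlink(outside, os.path.join(scope, "link"))
        # The naive check: lexical path starts with the scope prefix, so it passes
        lexical_ok = os.path.normpath(os.path.join(scope, "link/secret.txt")).startswith(scope + os.sep)
        _argv, rc, out = run_allowlisted("ls && id", scope)   # '&&' and 'id' are literal args to ls
        return {
            "naive_prefix_check_passes": lexical_ok,              # True: this is the bug class
            "symlink_escape_blocked": resolve_in_scope(scope, "link/secret.txt") is None,
            "in_scope_file_allowed": resolve_in_scope(scope, "readme.txt") is not None,
            "backslash_traversal_blocked": safe_member_path(scope, "a\\..\\..\\evil.txt") is None,
            "plain_member_allowed": safe_member_path(scope, "docs/a.txt") is not None,
            "semicolon_command_rejected": _rejected("ls; id", scope),
            "path_to_binary_rejected": _rejected("/bin/ls", scope),
            "chained_id_never_runs": rc != 0 and "uid=" not in out,
            "allowed_command_runs": "readme.txt" in run_allowlisted("ls", scope)[2],
        }
    finally:
        shutil.rmtree(base)


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The `naive_prefix_check_passes` entry is deliberately True: it shows the lexical check that the symlink item describes as insufficient, beside the realpath comparison that closes it. Note that rejecting a path with `..` after it has been normalised against a fake root would silently turn `a/../../evil.txt` into `evil.txt` rather than refusing it; the example normalises relative to nothing and refuses anything that still begins with `../`.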

Finding 17: CERT-Bund Langflow CVE-2026-33760 Adds A Separate High Advisory

Confidence: Low / Unverified

CERT-Bund also published a high Langflow advisory for CVE-2026-33760, with alias resolution surfacing CVE-2026-42867 and GHSA identifiers. Treat this separately from the exploited CVE-2026-5027 item until local asset mapping or vendor evidence joins the two in your environment.

AI workflow owners should inventory self-hosted Langflow, check patch status, and reduce internet exposure where business use permits. Source: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1898.

Update: Oracle PeopleSoft CVE-2026-35273 Names University Of Nottingham In Current Reporting

Confidence: High

Oracle says CVE-2026-35273 is remotely exploitable without authentication. Google/Mandiant attributes education-sector exploitation to ShinyHunters/UNC6240, The Hacker News reports on the exploitation activity, and CyberScoop names the University of Nottingham as a victim.

Keep the wording narrow. Today's publishable facts support Oracle remote unauthenticated exploitability, Google/Mandiant attribution, THN and CyberScoop reporting, and the University of Nottingham victim reference. They do not support unsourced wider-scale victim claims. Sources: https://www.oracle.com/security-alerts/alert-cve-2026-35273.html ; https://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit/ ; https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html ; https://cyberscoop.com/oracle-peoplesoft-zero-day-vulnerability-shinyhunters-extortion/.

Update: Ivanti Sentry CVE-2026-10520 Has Active-Exploitation Patch Pressure

Confidence: Medium

BleepingComputer reports that CISA ordered federal agencies to patch actively exploited CVE-2026-10520 within three days. The Register and The Hacker News provide patch context for Ivanti Sentry before R10.5.2, R10.6.2, and R10.7.1.

Today's sources do not support describing this as a new CISA KEV addition. The current wording is tied to secondary reporting and fixed-version validation: find externally reachable Sentry appliances, patch to R10.5.2, R10.6.2, or R10.7.1, and verify completion. Sources: https://www.bleepingcomputer.com/news/security/cisa-gives-feds-3-days-to-patch-ivanti-flaw-exploited-in-attacks/ ; https://www.theregister.com/patches/2026/06/10/ivanti-urges-sentry-users-to-patch-two-critical-bugs/5253428 ; https://thehackernews.com/2026/06/ivanti-fortinet-and-sap-release-patches.html.

Update: ServiceNow No-CVE Issue Queried Tables In A Subset Of Customer Instances

Confidence: Medium

ServiceNow reported a hosted update and a trust notification for an issue that allowed successful table queries against a subset of customer instances. The intelligence does not name a CVE for this issue.

Customers should confirm that the 5 June hosted update is present, review vendor customer notifications, and audit suspicious table-query activity beginning 2 June 2026. Source: https://thehackernews.com/2026/06/servicenow-flaw-exploited-to-gain.html.

Update: LangGraph Flaw Chain Has Patched Package Versions

Confidence: Medium

The LangGraph update spans CVE-2025-67644, CVE-2026-28277, and CVE-2026-27022 across langgraph-checkpoint-sqlite before 3.0.1, langgraph before 1.0.10, and @langchain/langgraph-checkpoint-redis before 1.0.1.

Patch self-hosted LangGraph deployments that use SQLite or Redis checkpointers, and restrict user-controlled filter input to state-history endpoints. Source: https://thehackernews.com/2026/06/langgraph-flaw-chain-exposes-self.html.

Update: GitHub Prepares npm v12 Install-Script Opt-In Controls

Confidence: Low / Unverified

GitHub is preparing npm v12 changes to disable install scripts by default, changing package-install trust workflows. This is supply-chain control planning rather than evidence of a compromise.

Developer-platform owners should test npm 11.16.0+ approve-scripts review in repositories where install scripts are part of build or developer setup. Source: https://thehackernews.com/2026/06/github-to-disable-npm-install-scripts.html.
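Before an opt-in model for install scripts reaches a pipeline, the owner needs to know which dependencies actually run code at install time, including the ones that do so without declaring a script. The following added example, written for this brief and not npm's own tooling, walks a node_modules tree and reports every package with a preinstall, install or postinstall hook. The hook names are npm's standard lifecycle scripts, and the implicit `node-gyp rebuild` that npm runs for a package shipping a `binding.gyp` with no install or preinstall script of its own is npm's documented default behaviour; the sample tree that `demo()` builds is constructed.

```python
"""Inventory of install-time lifecycle hooks across a node_modules tree (added example)."""
import json
import os
import shutil
import sys
import tempfile

INSTALL_HOOKS = ("preinstall", "install", "postinstall")   # npm lifecycle hooks run on install


def install_scripts(node_modules):
    """Walk node_modules (scoped @org/pkg and nested node_modules included) and
    return {relative_package_dir: {hook: command}} for every package that would
    run code at install time. Unreadable or malformed manifests are skipped."""
    found = {}
    for dirpath, _dirs, files in os.walk(node_modules):
        if "package.json" not in files:
            continue
        try:
            with open(os.path.join(dirpath, "package.json"), encoding="utf-8") as fh:
                manifest = json.load(fh)
        except (OSError, ValueError):
            continue
        scripts = manifest.get("scripts") if isinstance(manifest, dict) else None
        scripts = scripts if isinstance(scripts, dict) else {}
        hooks = {h: scripts[h] for h in INSTALL_HOOKS if h in scripts}
        # npm's default: binding.gyp with no install/preinstall script => 'node-gyp rebuild'
        if "binding.gyp" in files and "install" not in hooks and "preinstall" not in hooks:
            hooks["install"] = "node-gyp rebuild (implicit: binding.gyp present)"
        if hooks:
            found[os.path.relpath(dirpath, node_modules).replace(os.sep, "/")] = hooks
    return dict(sorted(found.items()))


def _write_manifest(path, manifest):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(manifest, fh)


def demo():
    """Constructed node_modules tree: a clean package, a scoped package with a
    postinstall hook, a native package relying on the implicit node-gyp step,
    and a nested dependency with a preinstall hook. Returns install_scripts()."""
    base = tempfile.mkdtemp(prefix="nm-demo-")
    nm = os.path.join(base, "node_modules")
    try:
        _write_manifest(os.path.join(nm, "clean-pkg", "package.json"),
                        {"name": "clean-pkg", "scripts": {"test": "node test.js"}})
        _write_manifest(os.path.join(nm, "@scope", "hooked", "package.json"),
                        {"name": "@scope/hooked", "scripts": {"postinstall": "node setup.js"}})
        _write_manifest(os.path.join(nm, "native-pkg", "package.json"), {"name": "native-pkg"})
        with open(os.path.join(nm, "native-pkg", "binding.gyp"), "w", encoding="utf-8") as fh:
            fh.write("{}\n")
        _write_manifest(os.path.join(nm, "clean-pkg", "node_modules", "nested", "package.json"),
                        {"name": "nested", "scripts": {"preinstall": "node fetch-binary.js"}})
        return install_scripts(nm)
    finally:
        shutil.rmtree(base)


if __name__ == "__main__":
    # usage: python npm_install_hooks.py [path/to/node_modules]
    target = sys.argv[1] if len(sys.argv) > 1 else "node_modules"
    print(json.dumps(install_scripts(target), indent=2))
```

Run it against a freshly installed tree; the output is the list of packages a team would have to approve explicitly once scripts stop running by default, and the same list is what `ignore-scripts=true` in `.npmrc` (an existing npm setting) would silently skip today, so it doubles as a check that nothing build-critical depends on an install hook.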

Why This Matters

This is a routing day with two sharper operational updates. PeopleSoft has named UK victim context and must stay tied to sourced facts. Ivanti Sentry has active-exploitation patch pressure in current reporting, but the wording should not turn that into a KEV claim.

The breadth sits with EU advisories and developer platforms. MongoDB, Spring, IBM i, FortiPortal, Chrome, Keycloak, Langflow, LangGraph, File Browser, Budibase, GeoServer, Snappy, ServiceNow, and npm install-script controls all need named owners, version checks, and evidence-preserving status notes.

Recommended Actions
  • Validate internet-facing PeopleSoft PeopleTools 8.61/8.62 and PSEMHUB exposure; apply Oracle mitigation and review logs from 27 May 2026 onward.
  • Patch Ivanti Sentry to R10.5.2, R10.6.2, or R10.7.1 where applicable, and verify externally reachable appliances.
  • Route MongoDB, Spring, IBM i, FortiPortal, Chrome, and Keycloak advisories to the correct database, application, identity, browser, appliance, and platform owners.
  • Patch or inventory Langflow, LangGraph, File Browser, Budibase, GeoServer, Snappy, and ServiceNow exposure, prioritising exposed admin, file-sharing, command-execution, SaaS, and AI workflow surfaces.
  • Prepare npm install-script approval workflows before npm v12 changes reach developer pipelines.

All findings grounded in a13e intelligence sweeps through 04:55 UTC 13 June 2026.

Tags: cve-2025-52465, cve-2025-58175, cve-2026-10520, cve-2026-11933, cve-2026-11986, cve-2026-12007, cve-2026-33760, cve-2026-35273, cve-2026-41708, cve-2026-46643