```html ```
top of page

Three June KEV Bugs We Didn't Break First. Here's the Honest Brief — and the One Doorway They Share.

  • Writer: Patrick Duggan
    Patrick Duggan
  • 1 hour ago
  • 5 min read

Not every bug is one we catch first, and a threat-intelligence shop that only tells you about its wins is lying to you by omission. Three vulnerabilities went into CISA's Known Exploited Vulnerabilities catalog across June that we did not break, did not flag early, and owe you no receipt on. We are writing them up anyway — late, honestly credited, and with the one thing a wrap of three separate advisories usually leaves out: the pattern connecting them. Because when you line up a VPN gateway, a phone system, and an AI workflow engine and they all fall the same way, the individual CVEs stop being the story. The doorway is.


Here is the honest brief on all three, who did the primary work, what to do tonight, and why they are the same bug wearing three costumes.



Check Point Remote Access VPN — [CVE-2026-50751](https://analytics.dugganusa.com/api/v1/dredd/kev-gap?cve=CVE-2026-50751)


Check Point's Remote Access and Mobile Access VPN carries an improper-authentication flaw, CVE-2026-50751, rated CVSS 9.3. When a gateway is configured to use the deprecated IKEv1 key-exchange protocol, a remote, unauthenticated attacker can bypass user authentication and stand up a VPN connection with no valid password. It also reaches Check Point's Spark firewalls — the small-and-medium-business and MSP line — which widens the blast radius well past large enterprises.


The credit here belongs to watchTowr Labs, whose writeup "Marking Your Own Homework" took the bug apart, and to Rapid7 and Check Point's own advisory for the disclosure and exploitation confirmation. This was not theoretical: a Qilin ransomware affiliate has been exploiting it as a zero-day since roughly May 7, against a few dozen targeted organizations. CISA added it to KEV with a federal patch deadline of June 11. Check Point also found a companion issue, CVE-2026-50752, a certificate-validation weakness enabling man-in-the-middle on site-to-site tunnels — not exploited in the wild, but patch it in the same pass.


What to do: apply Check Point's hotfix. If you cannot patch tonight, the mitigation is the tell — stop using IKEv1, drop legacy Remote Access client support, and require a machine certificate to establish connections. A VPN that authenticates a stranger is not a perimeter; it is a welcome mat with a logo on it.



Cisco Unified Communications Manager — [CVE-2026-20230](https://analytics.dugganusa.com/api/v1/dredd/kev-gap?cve=CVE-2026-20230)


Your phone system is a Linux box on the network, and this quarter it is an exposed one. CVE-2026-20230 is a server-side request forgery flaw in Cisco Unified Communications Manager, CVSS 8.6, exploitable by an unauthenticated remote attacker through crafted HTTP requests. The SSRF is the foot in the door; the danger is where it leads — an attacker can write files to the underlying operating system and use that foothold to escalate toward root. Cisco patched it on June 3; by late June, threat-detection outfit Defused had observed it being exploited in the wild to write arbitrary files to affected endpoints, and Cisco's PSIRT confirmed active exploitation. CISA's KEV deadline was June 28. Credit to Cisco PSIRT and Defused for the disclosure and the in-the-wild catch.


We flagged this one late, but not blind to the neighborhood: we have written the Cisco network-infrastructure beat repeatedly, most recently "[CVE-2026-20262](https://analytics.dugganusa.com/api/v1/dredd/kev-gap?cve=CVE-2026-20262) Is The Seventh Cisco SD-WAN Zero-Day In Thirteen Months. The Brain Of The Network Is Still Open." CUCM is the same story on a different appliance — the management surface of the voice network, unauthenticated, reachable, and one file-write away from the OS.


What to do: patch to a fixed Unified CM release. If you cannot immediately, Cisco's interim guidance is to disable the WebDialer service until you can. And hunt: unexplained files appearing on the CUCM host, outbound requests from the appliance to destinations it has no business reaching. A PBX that suddenly makes web requests has already been asked to.



Langflow — [CVE-2026-55255](https://analytics.dugganusa.com/api/v1/dredd/kev-gap?cve=CVE-2026-55255)


This is the one that should make you sit up, because it is the AI stack itself becoming the attack surface — the exact seam we have been pointing at all year. Langflow is a popular visual builder for LLM applications and agent workflows. CVE-2026-55255 is an insecure-direct-object-reference flaw: an authenticated attacker sends a crafted request to the /api/v1/responses endpoint carrying another user's flow UUID and executes that victim's flows — reaching the sensitive data those flows process and burning the victim's resources. Sysdig's Threat Research Team first observed it exploited in the wild on June 25, and they were blunt about the objective: code execution and second-stage implant delivery. CISA's KEV deadline is Friday. The primary research and the in-the-wild catch are Sysdig TRT's; the credit is theirs.


And here is where the hole closes back onto ground we already hold. Langflow is a repeat KEV offender — CVE-2025-3248 (missing authentication) and CVE-2026-33017 (code injection) preceded this one. That first bug, the missing-auth flaw, is the one the JadePuffer ransomware operation rode to dump Langflow's PostgreSQL database — and JadePuffer is a beat we own, the LLM-agent-run ransomware operation we wrote up on July 3. Pair that with the Djinn stealer we documented on July 1, the infostealer built specifically to harvest Claude, Gemini, and Codex keys, and the shape is unmistakable: the tooling you adopted to build with AI is now a first-class target, exploited by operators who understand it better than most of the teams running it.


What to do: update Langflow to a patched release now. Do not expose a Langflow instance to the internet without authentication in front of it, and treat any flow that touches credentials or customer data as a crown-jewel asset — because to an attacker with an implant objective, it is.



The doorway all three share


Line them up. A VPN gateway that authenticates a stranger. A phone system that writes attacker files to its own OS. An AI-workflow engine that runs one tenant's logic on another tenant's command. Three different vendors, three different CVSS scores, three different weeks. One doorway: the management, access, and orchestration plane — the machinery you deploy to run the environment, turned into the way into it.


This is the same thesis under the LoadMaster load-balancer kit that dropped today, under the SimpleHelp help-desk bypass feeding the Djinn stealer, under thirteen months of Cisco SD-WAN zero-days. The perimeter appliance, the remote-support console, the comms manager, the agent builder — you bought every one of them to have more control over your estate, and each one is a pre-authentication or trivially-authenticated path to exactly that control for someone else. The blast radius of a compromised control plane is never one machine. It is the fleet the control plane controls.


We did not get to these three first, and we are not going to pretend otherwise — held to about ninety-five percent, as always, and the primary credit for every one of them belongs to the researchers named above: watchTowr, Rapid7, Cisco PSIRT, Defused, and Sysdig TRT. What a shop that reads everything and remembers all of it can still do, even on the bugs it did not break, is get you the true version fast, credit the people who earned it, and hand you the pattern the individual advisories are too narrow to show. Patch the three. Then go look at everything else on your network whose entire job is control — because that is the shelf the next one comes from too.




Every indicator in this post is in the feed. Free.

1.58M+ IOCs, STIX 2.1 / TAXII, 88% novel vs ThreatFox, exploited-CVE leads ahead of CISA. No credit card — a free API key in 30 seconds, and you can audit every claim above against the live endpoints.


Comments

Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page