Focus Friday: TPRM Insights On Critical Vulnerabilities In Ollama, Langflow, SonicWall SonicOS, and n8n
Introduction
Welcome to another edition of Focus Friday. This week's threats span four distinct layers of modern vendor infrastructure: AI model deployment, AI orchestration platforms, network perimeter security, and workflow automation.
CVE-2026-5757 is an unpatched zero-day in Ollama that allows unauthenticated attackers to exfiltrate sensitive data directly from server heap memory by uploading a malicious AI model file — with no official patch and a public Proof-of-Concept available. CVE-2026-42048 is a critical Path Traversal vulnerability in Langflow's Knowledge Bases API that enables authenticated attackers to permanently delete arbitrary directories anywhere on the server filesystem, threatening irreversible data loss across AI-powered enterprise environments. Three vulnerabilities — CVE-2026-0204, CVE-2026-0205, and CVE-2026-0206 — affect SonicWall SonicOS across Gen 6, Gen 7, and Gen 8 firewall product lines, enabling unauthorized management access and Denial of Service conditions against the network devices that protect an organization's entire perimeter. Finally, CVE-2026-42231 and CVE-2026-42232 are critical Prototype Pollution vulnerabilities in n8n that can be chained to achieve full Remote Code Execution on the host server.
For Third-Party Risk Management (TPRM) professionals, this week's disclosures confirm that the attack surface of modern vendor ecosystems now extends deep into AI infrastructure, automation pipelines, and the network devices that underpin everything. Identifying which vendors are exposed — before exploitation occurs — is no longer optional.

Filtered view of vendors with Ollama FocusTag® on the Black Kite platform.
Ollama (CVE-2026-5757)
What Is the Ollama Zero-Day Vulnerability?
CVE-2026-5757 is a critical zero-day Information Disclosure, Out-of-Bounds Read, and Memory Corruption vulnerability affecting Ollama, the widely deployed open-source platform for running large language models locally. With a CVSS score of 8.0, the flaw allows an unauthenticated attacker to exfiltrate sensitive data directly from server heap memory by uploading a single malicious AI model file. As of the date of this publication, no official patch has been released. A public Proof-of-Concept (PoC) exploit is available, and the vulnerability has not been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog.
The vulnerability resides in Ollama's quantization engine and its handling of GGUF (GPT-Generated Unified Format) model files. The attack exploits three compounding failures: the engine trusts the attacker-supplied tensor metadata (shape, type and offset) in the GGUF header without checking it against the bytes the file actually contains; it uses Go's unsafe.Slice() to create a memory slice sized from that metadata, so an inflated shape yields a slice that runs past the tensor's real data into adjacent heap memory; and, because Ollama can push models to external registries via the /api/push endpoint, that over-sized slice, now carrying adjacent heap data such as API keys, internal IP addresses, and runtime configuration, can be sent to a registry the attacker controls. The entire operation requires no authentication and leaves minimal traces in standard application logs. With approximately 26,762 Ollama instances discoverable on Shodan, the attack surface for automated, large-scale data theft is substantial.
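The check the quantization engine skips is easy to state: a tensor's declared shape and type fix how many bytes it occupies, and that byte range has to lie inside the file's data section before anything slices memory by it. The Python below is an added example written for this post, not Ollama's code. It parses the GGUF v2/v3 header layout published by the ggml project (magic, version, counts, metadata key/value pairs, tensor infos, then an aligned data section) and rejects any tensor whose declared bytes run past the end of the file. Two things are assumptions of the example rather than facts from the advisory: the ggml type table is deliberately partial (F32, F16, Q4_0, Q8_0), with unknown types rejected rather than guessed, and build_gguf is a constructed helper that writes a minimal test file with whatever dimensions it is given, so a header that lies about its tensors can be produced for the check to catch.

```python
"""Pre-ingestion GGUF sanity check: every tensor the header declares must fit
inside the file before any declared shape is used to address memory."""
import math
import struct

GGUF_MAGIC = b"GGUF"
GGML_TYPES = {0: (1, 4), 1: (1, 2), 2: (32, 18), 8: (32, 34)}  # F32, F16, Q4_0, Q8_0: (elems, bytes) per block
# GGUF metadata scalar value types: id -> struct format (string = 8, array = 9 handled separately).
SCALAR_FMT = {0: "B", 1: "b", 2: "H", 3: "h", 4: "I", 5: "i", 6: "f", 7: "?", 10: "Q", 11: "q", 12: "d"}
TYPE_STRING, TYPE_ARRAY = 8, 9

class GGUFError(ValueError):
    """A header claim that the file's bytes cannot back."""

class _Reader:
    def __init__(self, data: bytes, pos: int = 0):
        self.data, self.pos = data, pos

    def take(self, fmt: str):
        fmt = "<" + fmt  # GGUF is little-endian throughout
        size = struct.calcsize(fmt)
        if self.pos + size > len(self.data):
            raise GGUFError("truncated header")
        (value,) = struct.unpack_from(fmt, self.data, self.pos)
        self.pos += size
        return value

    def string(self) -> bytes:
        length = self.take("Q")
        if length > len(self.data) - self.pos:
            raise GGUFError("string length exceeds file size")
        self.pos += length
        return self.data[self.pos - length:self.pos]

    def skip_value(self, vtype: int) -> None:
        if vtype == TYPE_STRING:
            self.string()
        elif vtype == TYPE_ARRAY:
            etype, count = self.take("I"), self.take("Q")
            if count > len(self.data) - self.pos:  # every element is at least 1 byte
                raise GGUFError("array length exceeds file size")
            for _ in range(count):
                self.skip_value(etype)
        elif vtype in SCALAR_FMT:
            self.take(SCALAR_FMT[vtype])
        else:
            raise GGUFError(f"unknown metadata value type {vtype}")

def tensor_nbytes(dims, ggml_type: int) -> int:
    """Bytes a tensor of this shape and type must occupy in the data section."""
    if ggml_type not in GGML_TYPES:
        raise GGUFError(f"unsupported tensor type {ggml_type}")
    block_elems, block_bytes = GGML_TYPES[ggml_type]
    n_elems = math.prod(dims)
    if n_elems % block_elems:
        raise GGUFError("element count is not a multiple of the block size")
    return n_elems // block_elems * block_bytes

def validate_gguf(data: bytes) -> list:
    """Parse the header and return [(name, dims, type, offset, nbytes)], raising
    GGUFError if any tensor would extend past the end of the file."""
    if data[:4] != GGUF_MAGIC:
        raise GGUFError("not a GGUF file")
    r, alignment = _Reader(data, 4), 32
    if r.take("I") not in (2, 3):
        raise GGUFError("unsupported GGUF version")
    tensor_count, kv_count = r.take("Q"), r.take("Q")
    for _ in range(kv_count):
        key, vtype = r.string(), r.take("I")
        if key == b"general.alignment" and vtype == 4:
            alignment = r.take("I")
            if alignment == 0 or alignment & (alignment - 1):
                raise GGUFError("alignment must be a power of two")
        else:
            r.skip_value(vtype)
    tensors = []
    for _ in range(tensor_count):
        name = r.string().decode("utf-8", "replace")
        dims = tuple(r.take("Q") for _ in range(r.take("I")))
        ggml_type, offset = r.take("I"), r.take("Q")
        tensors.append((name, dims, ggml_type, offset, tensor_nbytes(dims, ggml_type)))
    data_size = max(len(data) - (r.pos + alignment - 1) // alignment * alignment, 0)
    for name, _dims, _type, offset, nbytes in tensors:  # the check the engine skipped
        if offset % alignment or offset + nbytes > data_size:
            raise GGUFError(f"tensor {name!r}: {nbytes} bytes at offset {offset} "
                            f"exceed the {data_size}-byte data section")
    return tensors

def build_gguf(tensors, alignment: int = 32) -> bytes:
    """Constructed helper: minimal v3 GGUF (no metadata); dims are written as given."""
    header = GGUF_MAGIC + struct.pack("<IQQ", 3, len(tensors), 0)
    body, offset = b"", 0
    for name, dims, ggml_type, payload in tensors:
        header += struct.pack("<Q", len(name)) + name.encode() + struct.pack("<I", len(dims))
        header += b"".join(struct.pack("<Q", d) for d in dims) + struct.pack("<IQ", ggml_type, offset)
        padded = payload + b"\0" * (-len(payload) % alignment)
        body, offset = body + padded, offset + len(padded)
    return header + b"\0" * (-len(header) % alignment) + body
```

Run validate_gguf over a file's bytes before it is handed to ollama create. A file built with build_gguf whose header declares a 4 x 8 F32 tensor backed by 128 bytes passes; the same file with the first dimension rewritten to 2^20 is refused, because the declared 32 MiB cannot fit in a 128-byte data section. This is a pre-ingestion gate that backs the "Restrict Model Sources" recommendation, not a replacement for the upstream fix.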
Why Should TPRM Professionals Care About the Ollama Vulnerability?
The deployment of local LLM platforms like Ollama has accelerated as organizations seek to process sensitive data without relying on external cloud AI services. This creates a paradox of risk: the very reason vendors choose to run LLMs locally — to keep proprietary data on-premises — means that the server's heap memory is precisely where an organization's most sensitive assets reside.
For TPRM professionals, a vendor running a compromised Ollama instance represents a direct threat to shared confidential information. Because this vulnerability enables an unauthenticated attacker to silently read and exfiltrate heap memory, secrets that a vendor believed were secured by local processing — including API credentials for third-party services, internal network configurations, and data processed by LLM workloads — can be stolen without triggering standard security alerts. The zero-day status amplifies the urgency: there is no vendor-supplied patch, and the existence of a public PoC makes exploitation accessible to a broad range of threat actors.
What Questions Should TPRM Professionals Ask Vendors About the Ollama Vulnerability?
To accurately assess how your third-party partners are defending their AI infrastructure against this unpatched threat, consider asking the following technical questions:
- Have you confirmed that all Ollama instances are bound exclusively to the local loopback address (OLLAMA_HOST="127.0.0.1:11434") and that external access to port 11434 is blocked at both the OS and network firewall levels?
- Have you deployed an authenticated reverse proxy — such as Nginx with Basic Auth — in front of any Ollama instance to prevent unauthenticated access to the /api/create and /api/push endpoints?
- Have you enforced a policy restricting model ingestion to trusted internal registries only, preventing the upload of malicious third-party GGUF files that serve as the exploit delivery mechanism?
- Are you actively monitoring system logs for indicators of exploitation, including segmentation faults, out-of-bounds errors, or unexpected outbound model push requests to unrecognized registries?
Remediation Recommendations for Vendors Subject to This Risk
Because no official patch exists for CVE-2026-5757, vendors must implement network-level mitigations immediately. The following recommendations are drawn directly from the published advisory at undercodetesting.com and CERT/CC Vulnerability Note VU#518910.
- Bind Ollama to Localhost: Set OLLAMA_HOST="127.0.0.1:11434" before starting the service to prevent any external network access.
- Block Port 11434 at the OS Firewall: Apply explicit iptables (Linux) or Windows Firewall rules to drop all external connections to Ollama's default port.
- Deploy a Reverse Proxy with Authentication: Place an authenticated Nginx proxy in front of Ollama to block unauthenticated access to the /api/create and /api/push endpoints. Terminate TLS on the proxy as well; Basic Auth over plain HTTP sends the credentials in the clear.
- Restrict Model Sources: Enforce a policy limiting model ingestion to verified internal registries. Prohibit loading GGUF files from unverified external sources.
- Monitor for Exploitation Indicators: Actively monitor logs for crashes, out-of-bounds errors, unauthorized POST requests to /api/create, and unusual outbound traffic to unknown registries.

Black Kite's Ollama FocusTag® details critical insights on the event for TPRM professionals.
Langflow - Apr2026 (CVE-2026-42048)
What Is the Langflow Path Traversal Vulnerability?
CVE-2026-42048 is a Critical-severity Path Traversal vulnerability with a CVSS score of 9.6, affecting Langflow versions 1.8.4 and earlier. Langflow is a widely deployed open-source orchestration framework for building and managing AI and LLM applications, routinely used to handle sensitive datasets stored in its Knowledge Base component. The vulnerability resides in the bulk delete endpoint of the Knowledge Bases API (DELETE /api/v1/knowledge_bases) and stems from a complete absence of path containment logic in the delete_knowledge_bases_bulk function.
The attack chain is straightforward and highly destructive. An authenticated attacker supplies crafted directory traversal sequences — such as ../victim_user/kb_name or ../../../etc/some_config — in the kb_names parameter. Because the application does not normalize the path using Path.resolve() or verify that the resolved path falls within the user's authorized directory before passing it to Python's shutil.rmtree() function, the operating system executes a recursive, permanent deletion on the attacker-controlled path. The impact is catastrophic: an attacker can step out of their assigned directory and delete any folder on the server that the Langflow process has authority to modify — including other users' knowledge bases, critical application directories, or system files. A public Proof-of-Concept is available. The vulnerability is not listed in CISA's KEV Catalog. Approximately 273 Langflow instances are discoverable on Shodan. The fixed version is Langflow 1.9.0.
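Expressed in code, the difference between the vulnerable and the fixed behaviour is a single containment check. The Python below is an added example for this post, not Langflow's own code: delete_kbs_unchecked mirrors the pattern described above (join the caller's kb_name onto the user's directory and hand the result to shutil.rmtree), and delete_kbs_contained applies the Path.resolve() plus Path.is_relative_to() check that the fix introduces, rejecting the batch before anything is deleted. The two-tenant directory layout, the user names and the attacker-supplied names in demo() are constructed for the demonstration and are built in a temporary directory.

```python
"""Bulk knowledge-base delete: the unchecked pattern beside a contained one."""
import shutil
import tempfile
from pathlib import Path


def delete_kbs_unchecked(user_root: Path, kb_names) -> None:
    """The flawed pattern: join the caller-supplied name onto the user's
    directory and recursively delete whatever that path turns out to be."""
    for name in kb_names:
        shutil.rmtree(user_root / name)


def contained_kb_path(user_root: Path, name: str) -> Path:
    """Resolve name under user_root (following symlinks) and refuse anything
    that escapes it, including the root itself and absolute paths."""
    root = user_root.resolve()
    target = (root / name).resolve()
    if target == root or not target.is_relative_to(root):
        raise PermissionError(f"knowledge base name {name!r} escapes {root}")
    return target


def delete_kbs_contained(user_root: Path, kb_names) -> list:
    """Validate every name first, then delete; one bad name aborts the batch."""
    targets = [contained_kb_path(user_root, name) for name in kb_names]
    deleted = []
    for target in targets:
        if target.is_dir():
            shutil.rmtree(target)
            deleted.append(target.name)
    return deleted


def demo() -> dict:
    """Constructed two-tenant layout: 'alice' submits names aimed at 'bob'."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "knowledge_bases"
        for user in ("alice", "bob"):
            (base / user / "notes").mkdir(parents=True)
        alice, bob_notes = base / "alice", base / "bob" / "notes"
        # Vulnerable path: alice's request walks into bob's directory.
        delete_kbs_unchecked(alice, ["../bob/notes"])
        bob_survives_unchecked = bob_notes.exists()
        bob_notes.mkdir(exist_ok=True)
        # Contained path: every escape attempt is refused before rmtree runs.
        rejected = []
        for name in ("../bob/notes", "/etc", "", "notes/../../bob"):
            try:
                contained_kb_path(alice, name)
            except PermissionError:
                rejected.append(name)
        deleted = delete_kbs_contained(alice, ["notes"])  # alice's own KB is fine
        return {
            "bob_survives_unchecked": bob_survives_unchecked,
            "rejected": rejected,
            "deleted": deleted,
            "bob_survives_contained": bob_notes.exists(),
        }


if __name__ == "__main__":
    print(demo())
```

Two details of the contained version matter in practice. Both sides are resolved before the comparison, so a symlink planted inside the user's directory cannot redirect the delete outside it, and an empty name, which joins to the root itself, is rejected rather than wiping the whole user directory. Path.is_relative_to() needs Python 3.9 or later.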
Why Should TPRM Professionals Care About the Langflow Vulnerability?
Langflow operates as the backbone of AI-powered workflows in enterprise environments, managing proprietary datasets, custom knowledge bases, and the sensitive documents that feed LLM-based applications. Unlike many vulnerabilities that focus on data exfiltration, this flaw enables permanent, irreversible destruction of data. In multi-tenant deployments — common in managed AI platforms — a single authenticated user can wipe other users' data or destabilize the entire service.
For TPRM professionals, a vendor running a vulnerable Langflow instance represents a business continuity and data integrity risk. If a vendor's Langflow deployment processes documents or datasets shared from your organization as part of an AI-assisted workflow, those assets could be permanently destroyed through exploitation of this flaw. The destructive nature of the attack, recursive deletion with no recovery path if backups are stored on the same local filesystem, makes this a targeted sabotage vector as well as a service disruption threat. With a CVSS of 9.6 and a public PoC available, the time a vendor can safely remain on an unpatched version is short.
What Questions Should TPRM Professionals Ask Vendors About the Langflow Vulnerability?
To evaluate how your third-party partners are protecting their AI orchestration infrastructure against this destructive flaw, consider asking the following technical questions:
- Have you upgraded all Langflow instances to version 1.9.0 or later, which introduces robust path containment checks using Path.is_relative_to() to fully remediate CVE-2026-42048?
- Have you reviewed API access logs for the DELETE /api/v1/knowledge_bases endpoint for any suspicious kb_names entries containing traversal sequences such as .., /, or backslash characters?
- Is your Langflow process running under a dedicated, least-privilege service account with no write or delete permissions for system-level or other users' root directories?
- Are all critical knowledge bases and datasets backed up to a separate, read-only or off-site storage solution to mitigate the impact of deliberate or accidental recursive deletion?
- Have you implemented rate limiting or anomaly detection on bulk deletion endpoints to identify and block potential abuse patterns before significant data loss occurs?
Remediation Recommendations for Vendors Subject to This Risk
The following recommendations are drawn directly from the official Langflow security advisory published on GitHub.
- Immediate Software Upgrade: Update Langflow to version 1.9.0 or later. This release introduces Path.is_relative_to() containment checks, ensuring all deletion requests are strictly confined to the user's authorized directory.
- Audit Knowledge Base Activity: Review API logs for the DELETE /api/v1/knowledge_bases endpoint. Look for kb_names values containing traversal sequences such as .., /, or \ characters.
- Enforce Least Privilege: Ensure the Langflow process runs under a dedicated service account without write or delete permissions for system directories or other users' data.
- Implement Off-Site Backups: Back up all critical knowledge bases and datasets to a separate, read-only or off-site storage location to enable recovery in the event of destructive exploitation.
- Restrict Bulk API Access: In multi-tenant environments, apply rate limiting and monitoring to bulk deletion endpoints to detect and block abuse before significant damage occurs.

Black Kite's Langflow - Apr2026 FocusTag® details critical insights on the event for TPRM professionals.
SonicWall SonicOS - Apr2026 (CVE-2026-0204, CVE-2026-0205, CVE-2026-0206)
What Are the SonicWall SonicOS Vulnerabilities?
Three security vulnerabilities have been identified in SonicWall SonicOS, the operating system powering SonicWall's Gen 6, Gen 7, and Gen 8 firewall product lines. These flaws span improper access control, post-authentication path traversal, and a stack-based buffer overflow, collectively enabling unauthorized management access, restricted service interaction, and Denial of Service conditions against the network perimeter devices that protect entire corporate environments. No public Proof-of-Concept is available, and none of the vulnerabilities are listed in CISA's Known Exploited Vulnerabilities (KEV) Catalog. Approximately 4,955 SonicWall instances are discoverable on Shodan.
CVE-2026-0204 (CVSS 8.0, EPSS 0.01%) is a High-severity Improper Access Control vulnerability stemming from a weak authentication mechanism (CWE-1390) in the SonicOS management interface. Under specific conditions, the access control logic fails to properly validate requests, potentially allowing an attacker on the same network segment to access management functions that should be restricted — including the ability to view or modify device configurations without authorization.
CVE-2026-0205 (CVSS 6.8, EPSS 0.01%) is a Medium-severity post-authentication Path Traversal vulnerability (CWE-35) that allows an already-authenticated attacker to craft malicious input escaping intended directory boundaries, interacting with services on the firewall that are normally restricted. CVE-2026-0206 (CVSS 4.9, EPSS 0.14%) is a Medium-severity post-authentication Stack-based Buffer Overflow (CWE-121) that corrupts the execution flow of the SonicOS daemon, allowing a remote authenticated attacker with high privileges to crash the firewall and initiate a Denial of Service condition, disrupting all network traffic passing through the device. These vulnerabilities are tracked in the EU Vulnerability Database as EUVD-2026-26254, EUVD-2026-26255, and EUVD-2026-26256.
Why Should TPRM Professionals Care About the SonicWall SonicOS Vulnerabilities?
SonicWall firewalls are critical perimeter defense assets for thousands of organizations, managing all inbound and outbound network traffic. A vulnerability in these devices does not target a single application — it targets the infrastructure that enforces every security boundary within a vendor's environment. A compromise or crash of a perimeter firewall can leave an entire corporate network exposed or completely disconnected.
For TPRM professionals, a vendor operating unpatched SonicWall firewalls represents a systemic risk. CVE-2026-0204's improper access control means that management functions, including configuration changes, may be accessible to unauthorized actors on the same network segment. CVE-2026-0206's buffer overflow provides a path to crashing the firewall entirely, taking down every traffic flow that depends on the device until it recovers. The breadth of affected hardware, spanning Gen 6, Gen 7, and Gen 8, means that vendors across all hardware generations are exposed, regardless of how recently they deployed their devices.
What Questions Should TPRM Professionals Ask Vendors About the SonicWall SonicOS Vulnerabilities?
To evaluate how your third-party partners are securing their network perimeter devices against these vulnerabilities, consider asking the following technical questions:
- Have you upgraded all SonicWall devices to the fixed firmware versions — 6.5.5.2-28n (Gen 6), 7.3.2-7010 (Gen 7), or 8.2.0-8009 (Gen 8) — to remediate CVE-2026-0204, CVE-2026-0205, and CVE-2026-0206?
- As an interim measure, have you disabled HTTP/HTTPS-based management and SSL-VPN access on all interfaces and restricted management access strictly to SSH from trusted administrative IP addresses via Access Control Lists (ACLs)?
- Have you reviewed device logs for unexpected reboots or service crashes that may indicate attempted exploitation of the CVE-2026-0206 buffer overflow?
- Have you performed a full configuration backup before applying firmware upgrades, noting that Gen 6 users cannot downgrade from the fixed version without risking a reset of LDAP and MFA settings?
Remediation Recommendations for Vendors Subject to This Risk
The following recommendations are drawn directly from SonicWall's PSIRT advisory SNWLID-2026-0004 and the securityonline.info analysis of these vulnerabilities.
- Immediate Firmware Upgrade: Update all affected SonicWall devices to the fixed versions: 6.5.5.2-28n (Gen 6 Hardware), 7.3.2-7010 (Gen 7 and NSv Virtual Appliances), or 8.2.0-8009 (Gen 8). This is the primary and definitive remediation.
- Restrict Management Interface Access: Until patches are applied, disable HTTP/HTTPS-based management and SSL-VPN access on all interfaces. Limit management access to SSH only, reachable exclusively from specific, trusted administrative IP addresses via ACLs.
- Backup Configuration Before Upgrading: Perform a complete configuration backup before applying firmware updates. Gen 6 users should note that downgrading from the patched version will reset LDAP and MFA settings.
- Monitor for Unexpected Reboots: Review SonicOS device logs for unexpected reboots or service crashes, which may indicate active exploitation attempts targeting CVE-2026-0206.

Black Kite's SonicWall SonicOS - Apr2026 FocusTag® details critical insights on the event for TPRM professionals.
n8n - Apr2026 (CVE-2026-42231, CVE-2026-42232)
What Are the n8n Prototype Pollution Vulnerabilities?
Two critical security vulnerabilities — CVE-2026-42231 and CVE-2026-42232 — have been identified in n8n, the widely deployed open-source workflow automation platform. Both flaws involve Prototype Pollution through insecure XML parsing and, when chained with other internal n8n operations, result in full Remote Code Execution (RCE) on the host server. No public Proof-of-Concept is available, and neither vulnerability has been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog.
CVE-2026-42231 carries a CVSS 4.0 score of 10.0 and targets the Webhook node's XML body parser. An unauthenticated attacker can send a crafted HTTP request containing an XML payload whose element names are keys with special meaning to a JavaScript object, such as __proto__, and the xml2js parsing library maps them onto object keys without filtering them out. Rather than creating a standard data object, the parser writes attacker-controlled values onto the shared Object.prototype, corrupting the JavaScript runtime environment for all subsequent operations within the n8n process.
CVE-2026-42232, with a CVSS 4.0 score of 9.4, affects the XML node used during n8n workflow execution. An authenticated user with workflow creation or modification permissions can configure the XML node to parse a malicious string and achieve the same prototype pollution outcome. The critical escalation path involves chaining this pollution with the Git node: by injecting values into prototype properties used during Git SSH operations, an attacker can embed arbitrary arguments into shell commands — transforming a JavaScript property manipulation into OS-level Remote Code Execution. Both vulnerabilities affect n8n Weekly/Main versions prior to 2.18.1, LTS versions prior to 2.17.4, and Legacy versions prior to 1.123.32.
Why Should TPRM Professionals Care About the n8n Vulnerabilities?
n8n has become the connective tissue of modern enterprise operations. Organizations deploy it as a central automation hub that bridges SaaS platforms, internal databases, communication tools, and custom APIs — routinely processing authentication tokens, database credentials, and sensitive business data as part of its normal operation.
For TPRM professionals, an n8n instance compromised via these Prototype Pollution vulnerabilities represents a catastrophic supply chain failure point. Because n8n inherently holds credentials for every service it connects to, a successful RCE attack does not compromise a single system — it hands an attacker a master key to an entire vendor's integrated technology stack. The unauthenticated attack vector of CVE-2026-42231 makes this exposure particularly acute for any vendor that exposes n8n Webhook endpoints to the internet. With approximately 25,839 n8n instances discoverable via Shodan, the scale of potential exposure demands immediate attention.
What Questions Should TPRM Professionals Ask Vendors About the n8n Vulnerabilities?
To evaluate how your third-party partners are securing their workflow automation infrastructure against these critical flaws, consider asking the following technical questions:
- Have you upgraded all n8n instances to the patched versions — Weekly/Main 2.18.1, LTS 2.17.4, or Legacy 1.123.32 — to fully remediate CVE-2026-42231 and CVE-2026-42232?
- If an immediate upgrade is not feasible, have you disabled the XML node by adding n8n-nodes-base.xml to the NODES_EXCLUDE environment variable and restricted external access to Webhook endpoints as temporary mitigations?
- Have you limited workflow creation and editing permissions strictly to fully trusted users, as recommended in both GitHub security advisories (GHSA-q5f4-99jv-pgg5 and GHSA-hqr4-h3xv-9m3r)?
- Have you audited n8n logs for incoming Webhook requests containing XML payloads with suspicious keys such as __proto__, constructor, or prototype, which indicate active exploitation attempts?
- Have you reviewed and rotated all API keys, OAuth tokens, and database connection strings stored within the n8n credential manager, given that a successful RCE would expose the full credential store?
Remediation Recommendations for Vendors Subject to This Risk
The following recommendations are drawn directly from the official n8n security advisories published on GitHub.
- Upgrade to a Patched Version Immediately (Both CVEs): Weekly/Main 2.18.1 or later, LTS 2.17.4 or later, or Legacy 1.123.32 or later.
- Temporary Workaround — Disable the XML Node (CVE-2026-42232): Add n8n-nodes-base.xml to the NODES_EXCLUDE environment variable. Note: this workaround does not fully remediate the risk and will break existing workflows that depend on XML parsing.
- Restrict Workflow Permissions (Both CVEs): Limit workflow creation and editing permissions to fully trusted users only, as explicitly recommended in both advisories.
- Monitor Webhook Traffic: Review incoming Webhook logs for XML payloads containing prototype pollution keys — __proto__, constructor, or prototype — indicating exploitation attempts.
- Run n8n as a Low-Privileged Service Account: Ensure the n8n process runs under a dedicated, low-privilege OS user to limit the blast radius of a successful RCE.
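For the "Monitor Webhook Traffic" recommendation above, and to make concrete which XML bodies exercise the mechanism described for CVE-2026-42231, the Python below is an added example for this post, not n8n's code. It walks an XML body with the standard-library expat parser and reports every element or attribute name that would land on a JavaScript object's prototype chain if the document were mapped key-for-key onto an object, together with the element path it sits on. The JSON-lines request records in SAMPLE_LOG are constructed for the example; n8n's real log format is not assumed, and a practitioner would replace scan_webhook_log's record parsing with whatever their proxy or n8n itself actually emits.

```python
"""Flag webhook XML bodies whose element or attribute names would reach a
JavaScript object's prototype chain if mapped key-for-key onto an object."""
import json
from xml.parsers import expat

POLLUTING_KEYS = {"__proto__", "constructor", "prototype"}


def scan_xml(body: bytes, max_bytes: int = 1 << 20) -> list:
    """Return one finding per dangerous name, with the element path it sits on."""
    if len(body) > max_bytes:
        return ["body exceeds size limit, not parsed"]
    findings, stack = [], []
    parser = expat.ParserCreate()  # no namespace processing: names as written

    def start(name, attrs):
        stack.append(name)
        path = "/" + "/".join(stack)
        if name in POLLUTING_KEYS:
            findings.append(f"element {name!r} at {path}")
        for attr in attrs:  # xml2js keeps attributes under a nested object, keyed by name
            if attr in POLLUTING_KEYS:
                findings.append(f"attribute {attr!r} on {path}")

    parser.StartElementHandler = start
    parser.EndElementHandler = lambda name: stack.pop()
    try:
        parser.Parse(body, True)
    except expat.ExpatError:
        pass  # a malformed body never reaches the object mapper; keep what was seen
    return findings


# Constructed sample of webhook request records, one JSON object per line.
SAMPLE_LOG = [
    '{"src": "203.0.113.7", "path": "/webhook/orders", "content_type": "application/xml",'
    ' "body": "<order><id>42</id><total>9.99</total></order>"}',
    '{"src": "198.51.100.9", "path": "/webhook/orders", "content_type": "application/xml",'
    ' "body": "<root><__proto__><polluted>1</polluted></__proto__></root>"}',
    '{"src": "198.51.100.9", "path": "/webhook/orders", "content_type": "application/xml",'
    ' "body": "<root><constructor><prototype><polluted>1</polluted></prototype></constructor></root>"}',
    '{"src": "192.0.2.4", "path": "/webhook/orders", "content_type": "application/json",'
    ' "body": "{\\"__proto__\\": {}}"}',
]


def scan_webhook_log(lines) -> list:
    """Return the records whose XML body carries a prototype-polluting name."""
    hits = []
    for line in lines:
        record = json.loads(line)
        if "xml" not in record.get("content_type", "").lower():
            continue  # only XML bodies reach the Webhook node's XML body parser
        findings = scan_xml(record["body"].encode())
        if findings:
            hits.append({"src": record["src"], "path": record["path"], "findings": findings})
    return hits


if __name__ == "__main__":
    for hit in scan_webhook_log(SAMPLE_LOG):
        print(hit["src"], hit["path"], *hit["findings"], sep=" | ")
```

The scan is deliberately name-based rather than signature-based: nesting such as constructor/prototype is reported at each level, attributes are checked because the parser keeps them in a nested object keyed by attribute name, and oversized bodies are flagged instead of parsed, which is the only protection the example offers against parser exhaustion on hostile input. Treat a hit as an exploitation attempt worth correlating with the source address and the workflow behind the webhook path, not as proof of compromise.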

Black Kite's n8n - Apr2026 FocusTag® details critical insights on the event for TPRM professionals.
How TPRM Professionals Can Leverage Black Kite for These Vulnerabilities
Managing third-party risk across such a diverse threat landscape — a zero-day in an AI model platform, a destructive path traversal in an AI orchestration framework, access control failures in perimeter firewall devices, and prototype pollution flaws in a workflow automation engine — requires precise, actionable intelligence delivered at speed. Black Kite addresses this challenge by publishing and continuously updating specialized FocusTags®. This week, Black Kite's threat intelligence team published the Ollama FocusTag® and n8n - Apr2026 FocusTag® on April 27, 2026, followed by the Langflow - Apr2026 FocusTag® on April 29, 2026, and the SonicWall SonicOS - Apr2026 FocusTag® on April 30, 2026.
TPRM teams can operationalize these tags to immediately filter their entire vendor portfolio, isolating the exact organizations running exposed Ollama instances, vulnerable Langflow deployments, unpatched SonicWall firewalls, or n8n installations susceptible to prototype pollution. Instead of relying on slow, labor-intensive questionnaire cycles, analysts can use Black Kite's platform to drive an evidence-based incident response strategy — directing outreach exclusively at vendors that are demonstrably at risk.
A critical differentiator of Black Kite's intelligence is the provision of granular, technical asset information. When a FocusTag® identifies a vulnerable vendor, the platform explicitly details the specific IP addresses and subdomains hosting the at-risk applications — whether it is an internet-exposed Ollama instance leaking heap memory, a Langflow deployment with bulk delete endpoints accessible to authenticated users, an unpatched SonicWall management interface, or an n8n deployment with its Webhook endpoint reachable from the internet. Armed with this exact infrastructure data, risk professionals can bypass broad assessments and directly present vendors with undeniable proof of their exposure.
Strengthening TPRM Outcomes with Black Kite’s FocusTags®
In an environment where attackers target everything from AI deployment infrastructure and orchestration frameworks to the firewalls protecting enterprise perimeters and the automation engines connecting every internal system, traditional static risk assessments fall short. Black Kite's FocusTags® are designed to transform overwhelming vulnerability data into a prioritized, actionable defense strategy.
When managing the complexity of this week's disclosures, Black Kite's FocusTags® empower your team through:
- Immediate Threat Visibility: Instantly identify which vendors are running exposed Ollama instances, unpatched Langflow deployments, vulnerable SonicWall firewalls, or n8n installations susceptible to prototype pollution — enabling rapid, decisive outreach before exploitation occurs.
- Contextual Risk Triage: Evaluate each vendor's exposure against their business criticality. A vendor running vulnerable n8n that connects directly to your shared data environment demands different urgency than one with no such integration.
- Evidence-Based Vendor Collaboration: Move past broad, time-consuming questionnaires. Equip your risk teams with the exact IP addresses and subdomains affected by these vulnerabilities to facilitate targeted, verifiable remediation discussions.
- Resilient Supply Chain Defense: Maintain a continuous, comprehensive view of your extended attack surface — including the AI platforms, orchestration frameworks, automation tools, and perimeter devices now central to vendor operations — so your organization can adapt its security posture as new threat vectors emerge.
By transforming raw cyber threat data into precise, actionable intelligence, Black Kite's FocusTags® provide TPRM professionals with the exact tools needed to efficiently and effectively secure the digital supply chain against today's most sophisticated attacks.
About Focus Friday
Every week, we delve into the realms of critical vulnerabilities and their implications from a Third-Party Risk Management (TPRM) perspective. This series is dedicated to shedding light on pressing cybersecurity threats, offering in-depth analyses, and providing actionable insights.
FocusTags® in the Last 30 Days:
- Ollama : CVE-2026-5757, Critical Zero-Day Information Disclosure, Out-of-Bounds Read, and Memory Corruption Vulnerability allowing unauthenticated heap memory exfiltration via malicious GGUF model uploads. Status: Unpatched.
- Langflow - Apr2026 : CVE-2026-42048, Critical Path Traversal Vulnerability in the Knowledge Bases API allowing authenticated users to permanently delete arbitrary server directories via the bulk delete endpoint.
- SonicWall SonicOS - Apr2026 : CVE-2026-0204, CVE-2026-0205, CVE-2026-0206, High-Severity Improper Access Control, Post-Authentication Path Traversal, and Stack-Based Buffer Overflow Vulnerabilities in SonicWall Gen 6, Gen 7, and Gen 8 firewalls allowing unauthorized management access and Denial of Service.
- n8n - Apr2026 : CVE-2026-42231, CVE-2026-42232, Critical Prototype Pollution Vulnerabilities via XML parsing in the Webhook body parser and XML node, chainable to full Remote Code Execution on the host server.
- ActiveMQ - Apr2026 : CVE-2026-34197, High-Severity Code Injection Vulnerability allowing arbitrary code execution via the Jolokia JMX-HTTP bridge.
- Zimbra - Apr2026 : CVE-2025-48700, Critical Cross-Site Scripting (XSS) Vulnerability actively exploited in the wild allowing for session hijacking and sensitive information disclosure.
- Exchange Server - Apr2026 : CVE-2023-21529, Critical Remote Code Execution Vulnerability due to insecure deserialization allowing full system compromise.
- SharePoint - Apr2026 : CVE-2026-32201, CVE-2026-20945, Medium-Severity Improper Input Validation and Spoofing Vulnerabilities allowing network spoofing and deceptive content delivery.
- MSSQL - Apr2026 : CVE-2026-32167, CVE-2026-32176, CVE-2026-33120, High-Severity Untrusted Pointer Dereference and SQL Injection vulnerabilities allowing privilege escalation and Remote Code Execution.
- Lodash : CVE-2026-4800, High-Severity Code Injection Vulnerability in the _.template function allowing arbitrary code execution.
- Dolibarr : CVE-2026-23500, Critical OS Command Injection and Remote Code Execution Vulnerability due to improper validation of document conversion paths.
- Squid Proxy - Mar2026 : CVE-2026-33526, CVE-2026-32748, CVE-2026-33515, Critical Use-After-Free and Denial of Service Vulnerabilities in the Internet Cache Protocol (ICP) causing remote service crashes and information disclosure.
See Black Kite's full CVE Database and the critical TPRM vulnerabilities with an applied FocusTag® at https://blackkite.com/cve-database/.
References
https://kb.cert.org/vuls/id/518910
https://www.cve.org/CVERecord?id=CVE-2026-5757
https://github.com/langflow-ai/langflow/security/advisories/GHSA-9whx-c884-c68q
https://securityonline.info/langflow-cve-2026-42048-path-traversal-bulk-delete-analysis/
https://www.cve.org/CVERecord?id=CVE-2026-42048
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004
https://securityonline.info/sonicwall-sonicos-critical-vulnerabilities-gen6-gen7-gen8-patch/
https://www.cve.org/CVERecord?id=CVE-2026-0204
https://www.cve.org/CVERecord?id=CVE-2026-0205
https://www.cve.org/CVERecord?id=CVE-2026-0206
https://github.com/n8n-io/n8n/security/advisories/GHSA-q5f4-99jv-pgg5
https://github.com/n8n-io/n8n/security/advisories/GHSA-hqr4-h3xv-9m3r