THREATOPS
THREAT OPSCVEs › CVE-2026-3502

CVE-2026-3502 — TrueConf Client Download of Code Without Integrity Check Vulnerability

CISA KEVExploited: confirmedTrueConf

TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

Vulnerability details

Related reporting