THREAT OPS › Threat News › May 2026 CVE Landscape
May 2026 CVE Landscape
<p>In May 2026, <a href="https://www.recordedfuture.com/research/insikt-group">Insikt Group®</a> identified <strong>41 high-impact vulnerabilities that should be prioritized for remediation</strong>, all of which had a Very Critical Recorded Future Risk Score. This represents an 11% increase from last month.</p> <p>These vulnerabilities affected products from 20 vendors. 21 of the 41 vulne
MITRE ATT&CK techniques
Indicators of compromise
- 7790fd1035266000ed6d6cc35822f7683f5271663af8a5b5effadff85316df6dsha256
- CVE-2008-4250cve
- CVE-2009-1537cve
- CVE-2009-3459cve
- CVE-2010-0249cve
- CVE-2010-0806cve
- CVE-2025-34291cve
- CVE-2026-0257cve
- CVE-2026-0300cve
- CVE-2026-20182cve
- CVE-2026-31431cve
- CVE-2026-34926cve
- CVE-2026-41091cve
- CVE-2026-42208cve
- CVE-2026-42897cve
- CVE-2026-45321cve
- CVE-2026-45498cve
- CVE-2026-48027cve
- CVE-2026-48172cve
- CVE-2026-6973cve
- CVE-2026-8398cve
- CVE-2026-9082cve
- CVE-2026-26980cve
- https://www.exploit-db.com/exploits/7132url
- http://www.exploit-db.com/exploits/11167url
- https://www.obsidiansecurity.com/blog/cve-2025-34291-critical-account-takeover-and-rce-vulnerability-in-the-langflow-ai-agent-workflow-platformurl
- https://blog.xlab.qianxin.com/ghost-cms-mass-compromised-via-cve-2026-26980-now-fueling-clickfix-attacks/url
Original source: https://www.recordedfuture.com/blog/may-2026-cve-landscape