Cloud Security Research & Threat Intelligence

A stylized graphic of a digital datacenter tower being attacked on a specific shelf

Critical Langflow Path Traversal Flaw Exploited for Unauthenticated RCE

Executive Summary A high-severity vulnerability (CVE-2026-5027, CVSS 8.8) was disclosed affecting Langflow, an open-source low-code platform widely used for building AI applications, allowing attackers to achieve remote code execution via a path traversal in the file upload endpoint. Due to the potential for full system compromise and the trivial nature of exploitation, immediate patching is …

June 11, 2026
By The Orca Research Pod

Latest

All Latest

Explore

Discovered Vulnerabilities

Cyber-themed illustration of a Linux SMB3 server with a broken padlock, symbolizing a missing lock vulnerability in ksmbd.

CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server

Overview The Orca Security Research Pod discovered a use-after-free race condition in the Linux kernel’s ksmbd SMB3 server. When two connections share a session over SMB3 multichannel, the kernel can read a freed channel struct – exposing the per-channel AES-128-CMAC signing key and causing a kernel panic. An attacker needs valid SMB credentials and network …

April 08, 2026
By Igor Stepansky

A stylized graphic of a pickle smashing into a pipeline

Pickle in the Pipeline: Critical RCE Vulnerabilities in SGLang’s LLM Serving Framework

March 11, 2026

Stylized 3D visualization of an active cybersecurity exploit featuring glowing red computer code fragments and a central target aperture.

Actively Exploited Chrome Zero-Day May Impact Enterprise, Developer, and Automation Environments

February 23, 2026

A stylized graphic of ominous clouds with a digitized skull on top

RoguePilot: Exploiting GitHub Copilot for a Repository Takeover

February 16, 2026

A stylized graphic of a distorted pull request from GitHub on top of ominous clouds

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

February 04, 2026

All Discovered Vulnerabilities

In the News

All In the News

2026 State of Application Security Report: When Development Velocity Outpaces Security

Get the Report

Critical Langflow Path Traversal Flaw Exploited for Unauthenticated RCE

Latest

Critical PhpSpreadsheet RCE Patch Bypass Puts Millions at Risk

Critical Splunk Enterprise Vulnerabilities Allow Unauthenticated File Operations and Remote Code Execution

Critical Jupyter Enterprise Gateway Vulnerabilities Enable Full Kubernetes Cluster Takeover

Massive PyPI Supply Chain Attack Harvests Cloud Credentials via Python Startup Hooks

Explore

Discovered Vulnerabilities

CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server

Pickle in the Pipeline: Critical RCE Vulnerabilities in SGLang’s LLM Serving Framework

Actively Exploited Chrome Zero-Day May Impact Enterprise, Developer, and Automation Environments

RoguePilot: Exploiting GitHub Copilot for a Repository Takeover

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

‘Orca Watch’ Series

Critical Langflow Path Traversal Flaw Exploited for Unauthenticated RCE

Critical PhpSpreadsheet RCE Patch Bypass Puts Millions at Risk

Critical Splunk Enterprise Vulnerabilities Allow Unauthenticated File Operations and Remote Code Execution

Massive PyPI Supply Chain Attack Harvests Cloud Credentials via Python Startup Hooks

Critical WordPress Plugin Vulnerability Allows Unauthenticated Admin Takeover on 150K Sites

Technical Deep Dives

CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server

Supply Chain Attack on Axios Delivers Cross-Platform RAT via Compromised npm Account

Post-Exploitation at Scale: The Rise of AILM

Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Thought Leadership

Orca Security Recognized in the 2026 TAG Enterprise AI Security Handbook

Navigating Cloud Security in 2026: Join Cloud Security LIVE

Anthropic’s Project Glasswing Is a Positive Step Toward Cleaner, Safer Production

AI Is Entering Your Infrastructure. Now what?

Beyond the Sticker Price: Understanding the True Cost of Your Security Tools

In the News

The 10 Hottest Cybersecurity Tools And Products Of 2025 (So Far)

From ’Shadow AI’ To Agentic Anarchy, AI-SPM Is Key To Visibility: Experts

Cloud security faces mounting threats, Orca warns

2026 State of Application Security Report: When Development Velocity Outpaces Security

Featured

Critical Langflow Path Traversal Flaw Exploited for Unauthenticated RCE

Latest

Critical PhpSpreadsheet RCE Patch Bypass Puts Millions at Risk

Critical Splunk Enterprise Vulnerabilities Allow Unauthenticated File Operations and Remote Code Execution

Critical Jupyter Enterprise Gateway Vulnerabilities Enable Full Kubernetes Cluster Takeover

Massive PyPI Supply Chain Attack Harvests Cloud Credentials via Python Startup Hooks

Discovered Vulnerabilities

CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server

Pickle in the Pipeline: Critical RCE Vulnerabilities in SGLang’s LLM Serving Framework

Actively Exploited Chrome Zero-Day May Impact Enterprise, Developer, and Automation Environments

RoguePilot: Exploiting GitHub Copilot for a Repository Takeover

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

‘Orca Watch’ Series

Critical Langflow Path Traversal Flaw Exploited for Unauthenticated RCE

Critical PhpSpreadsheet RCE Patch Bypass Puts Millions at Risk

Critical Splunk Enterprise Vulnerabilities Allow Unauthenticated File Operations and Remote Code Execution

Massive PyPI Supply Chain Attack Harvests Cloud Credentials via Python Startup Hooks

Critical WordPress Plugin Vulnerability Allows Unauthenticated Admin Takeover on 150K Sites

Technical Deep Dives

CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server

Supply Chain Attack on Axios Delivers Cross-Platform RAT via Compromised npm Account

Post-Exploitation at Scale: The Rise of AILM

Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Thought Leadership

Orca Security Recognized in the 2026 TAG Enterprise AI Security Handbook

Navigating Cloud Security in 2026: Join Cloud Security LIVE

Anthropic’s Project Glasswing Is a Positive Step Toward Cleaner, Safer Production

AI Is Entering Your Infrastructure. Now what?

Beyond the Sticker Price: Understanding the True Cost of Your Security Tools

The 10 Hottest Cybersecurity Tools And Products Of 2025 (So Far)

From ’Shadow AI’ To Agentic Anarchy, AI-SPM Is Key To Visibility: Experts

Cloud security faces mounting threats, Orca warns

2026 State of Application Security Report: When Development Velocity Outpaces Security