CISA 2026-04-02

CISA Adds One Known Exploited Vulnerability to Catalog

CVE-2026-3502

Machine-generated analysis · WAYSCloud LLM

The added vulnerability involves a download of code without integrity check in TrueConf Client, which could allow unauthorized code execution if exploited.

Context

TrueConf Client is a video conferencing application used for enterprise communication. The advisory states that CVE-2026-3502 allows download of code without proper integrity verification, a technique often exploited to introduce malicious payloads. The advisory does not specify the conditions under which exploitation occurs or whether authentication is required. Notably, this is the only vulnerability added to the KEV catalog on this date, suggesting limited but confirmed active exploitation.

Operator considerations

Check: TrueConf Client installations within the environment, particularly on FCEB systems or where federal compliance is relevant.

From Cybersecurity and Infrastructure Security Agency ↗

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

CVE-2026-3502 TrueConf Client Download of Code Without Integrity Check Vulnerability

This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies...

Read the full advisory on CISA →