CISA has added CVE-2026-3502 to its Known Exploited Vulnerabilities catalogue after the flaw was observed in active attacks against government networks in Southeast Asia. The entry notes that the TrueConf client is affected and that a Intelligence briefing updated Apr 3, 2026
Sources consulted