CVE-2026-3502
TrueConf Client Download of Code Without Integrity Check Vulnerability
⚠ KEVEPSS 2.8%
Description
TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.
How to fix CVE-2026-3502
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2026-3502 being exploited?
Yes — CVE-2026-3502 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.