CVE-2026-3502: TrueConf Client Download of Code Without Integrity Check
TrueConf Client Download of Code Without Integrity Check Vulnerability. TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.
- CISA KEV-listed (remediation due 2026-04-16)
- EPSS 3.1% (87.2% percentile)