CISA has added CVE-2026-3502, a vulnerability in TrueConf Client involving the download of code without integrity checks, to its Known Exploited Vulnerabilities (KEV) Catalog due to active exploitation. Organizations are strongly urged to prioritize timely remediation to reduce their exposure to potential cyberattacks.