Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Snyk
Snykadded 2026/04/20 4:11 a.m.2 views

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the createuploadfile function. An attacker can upload arbitrary files by sending crafted requests to the affected API endpoint. Remediation Upgrade langflow-base to version 0.8.0 or higher. References - GitHub...

9.4CVSS7.2AI score0.00054EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/04/20 3:34 a.m.3 views

Langflow: DoS Through Lack of File Size Restriction via Deprecated Unauthenticated File Upload API

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function createuploadfile of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...

7.5CVSS7AI score0.00054EPSS
Exploits0References7Affected Software1
NVD
NVDadded 2026/04/20 3:16 a.m.1 views

CVE-2026-6596

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function createuploadfile of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...

7.5CVSS0.00054EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/20 2:15 a.m.2 views

CVE-2026-6596

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function createuploadfile of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...

7.5CVSS6.7AI score0.00054EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/20 2:15 a.m.1 views

CVE-2026-6596 langflow-ai langflow API Endpoint endpoints.py create_upload_file unrestricted upload

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function createuploadfile of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack...

7.5CVSS6.7AI score0.00054EPSS
Exploits0References4
CVE
CVEadded 2026/04/20 2:15 a.m.4 views

CVE-2026-6596

LangFlow (langflow-ai) up to version 1.1.0 has a vulnerability in the API endpoint, specifically in create_upload_file (src/backend/base/Langflow/api/v1/endpoints.py). The flaw allows unrestricted file uploads and can be exploited remotely. Exploitation is supported by public disclosures; multipl...

7.5CVSS6.7AI score0.00054EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/06/23 8:41 a.m.6 views

CVE-2025-6282

A vulnerability was found in xlang-ai OpenAgents up to ff2e46440699af1324eb25655b622c4a131265bb and classified as critical. Affected by this issue is the function createuploadfile of the file backend/api/file.py. The manipulation leads to path traversal. The exploit has been disclosed to the publ...

5.5CVSS7.1AI score0.00631EPSS
Exploits1References1
CVE
CVEadded 2025/06/19 10:0 p.m.14 views

CVE-2025-6282

The CVE-2025-6282 issue affects xlang-ai OpenAgents, specifically the create_upload_file function in backend/api/file.py, where a path traversal vulnerability is introduced. Multiple connected sources confirm the vulnerability is critical and that the exploit has been disclosed publicly, with Ope...

9.8CVSS5.4AI score0.00631EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder