757 matches found
CVE-2025-57760 Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation
Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with RCE access can invoke the internal CLI command langflow superuser to create a new administrative user. This results in...
Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)
This vulnerability was discovered by researchers at Check Point. We are sharing this report as part of a responsible disclosure process and are happy to assist in validation and remediation if needed. Summary A privilege escalation vulnerability exists in Langflow containers where an authenticate...
GHSA-4GV9-MP8M-592R Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)
This vulnerability was discovered by researchers at Check Point. We are sharing this report as part of a responsible disclosure process and are happy to assist in validation and remediation if needed. Summary A privilege escalation vulnerability exists in Langflow containers where an authenticate...
PT-2025-34678
Name of the Vulnerable Software and Affected Versions: Langflow affected versions not specified Description: Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with Remote Co...
Langflow 安全漏洞
Langflow is a visualization framework for building multi-agent and RAG applications open-sourced by Langflow. A security vulnerability exists in Langflow that stems from improper management of permissions within a container, which could lead to elevation of privilege...
📄 Langflow 1.2.x Remote Code Execution
Langflow exposes a vulnerable endpoint /api/v1/validate/code that improperly evaluates arbitrary Python code via the exec function. An unauthenticated remote attacker can execute arbitrary system commands. Versions 1.2.x and below are affected. !/usr/bin/env python3 Exploit Title: Langflow 1.2.x ...
Langflow 1.2.x - Remote Code Execution (RCE)
!/usr/bin/env python3 Exploit Title: Langflow 1.2.x - Remote Code Execution RCE Date: 2025-07-11 Exploit Author: Raghad Abdallah Al-syouf Vendor Homepage: https://github.com/logspace-ai/langflow Software Link: https://github.com/logspace-ai/langflow/releases Version: = 1.2.x Tested on: Ubuntu /...
Exploit for Code Injection in Langflow
CVE-2025-3248: Langflow Unauthenticated Remote Code Execution...
Exploit for Code Injection in Langflow
CVE-2024-48061 Langflow vulnerable to remote code execution...
Exploit for Code Injection in Langflow
CVE-2025-3248 - Langflow Code Validation Endpoint RCE A proof...
Exploit for Code Injection in Langflow
⚠️ Langflow RCE Exploit Scanner CVE-2025-3248 This Python-b...
Exploit for Code Injection in Langflow
Langflow CVE-2025-3248 Exploit Tool !Severityhttps://img.s...
Exploit for Code Injection in Langflow
Langflow RCE Exploit CVE-2025-3248 !Python Versionhttps:...
Exploit for Code Injection in Langflow
CVE-2025-3248 Langflow RCE Scanner 🔍 Description A powerf...
Exploit for Code Injection in Langflow
CVE-2025-3248 – Unauthenticated Remote Code Execution in Langf...
Exploit for Code Injection in Langflow
CVE-2025-3248 — Langflow RCE Exploit Remote Code Execution R...
Exploit for Code Injection in Langflow
CVE-2025-3248 — Langflow AI Remote Code Execution Unauthentic...
Exploit for Code Injection in Langflow
Langflow CVE-2025-3248 Exploit A Python-based exploit for CVE...
GHSA-RVQX-WPFH-MFX7 Langflow Unauth RCE
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code...
Langflow Unauth RCE
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code...