Lucene search
K

12 matches found

NVD
NVD
added 2026/06/23 5:17 p.m.8 views

CVE-2026-48519

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, the "Shareable Playground" or "Public Flows" in code contains a critical RCE vulnerability. Shareable Playground feature works by enabling the execution of workflows by unauthenticated users, by accessi...

9.6CVSS0.00688EPSS
Exploits1References1
NVD
NVD
added 2026/06/23 5:17 p.m.9 views

CVE-2026-48520

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.10.0, the "Shareable Playground" or "Public Flows" in code contains a potential arbitrary file-read vulnerability, depending on the exact flow configuration used. By making a flow public, public execution of...

6.1CVSS0.00269EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/23 4:31 p.m.39 views

CVE-2026-48520 Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.10.0, the "Shareable Playground" or "Public Flows" in code contains a potential arbitrary file-read vulnerability, depending on the exact flow configuration used. By making a flow public, public execution of...

6.1CVSS0.00269EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 4:31 p.m.17 views

CVE-2026-48520

CVE-2026-48520 (Langflow) : Multiple sources confirm a vulnerability in the Shareable Playground/Public Flows feature prior to Langflow 1.10.0. An unauthenticated user can trigger public flow execution and supply a files list to the /api/v1/build_public_tmp endpoint, causing Langflow to read arbi...

6.1CVSS6.1AI score0.00269EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/06/23 4:25 p.m.55 views

CVE-2026-48519

Langflow CVE-2026-48519 exposes unauthenticated RCE via the Shareable Playground. Affected: Langflow prior to 1.9.2. Vulnerable route: /api/v1/build_public_tmp permits executing any public flow; payloads can inject arbitrary Python code into data.nodes[X].data.node.template.code.value. Impact is ...

9.6CVSS6.3AI score0.00688EPSS
Exploits1References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 4:8 p.m.3 views

Security Bulletin: Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows

Summary Langflow OSS contains unauthenticated server-side RCE via PythonCodeStructuredTool executing attacker-controlled Python through exec at flow-build time. Sink in execself.toolcode, globals, localnamespace where toolcode is attacker-controlled template field. Two paths: A Authenticated POST...

10CVSS6AI score0.00314EPSS
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/16 5:36 p.m.16 views

Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read

Summary The "Shareable Playground" or "Public Flows" in code contains a potential arbitrary file-read vulnerability, depending on the exact flow configuration used. By making a flow public, public execution of the flow is allowed. The execution request can contain a list of files that gets read b...

6.1CVSS5.9AI score0.00269EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/16 5:36 p.m.7 views

GHSA-RCJH-R59H-GQ37 Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read

Summary The "Shareable Playground" or "Public Flows" in code contains a potential arbitrary file-read vulnerability, depending on the exact flow configuration used. By making a flow public, public execution of the flow is allowed. The execution request can contain a list of files that gets read b...

6.1CVSS6AI score0.00269EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/16 5:35 p.m.23 views

Langflow: Unauthenticated RCE in Shareable Playgrounds

Summary The "Shareable Playground" or "Public Flows" in code contains a critical RCE vulnerability. Simply sharing a flow exposes the deployment to RCE risk by authenticated users. Tested on commit 2d67402b1dbaefcbce85a244d4a6cd5e4bda1cfe Details Shareable Playground feature works by enabling the...

9.6CVSS6AI score0.00688EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:0 p.m.7 views

CVE-2026-33017

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses...

9.8CVSS7.9AI score0.9999EPSS
Exploits52References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/03/25 12:0 a.m.11 views

Langflow Code Injection Vulnerability

Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication...

9.8CVSS6.1AI score0.98191EPSS
In wildExploits20
OSV
OSV
added 2026/03/17 8:5 p.m.9 views

GHSA-VWMF-PQ79-VJVX Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint

Summary The POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data containing arbitrary Python code in node definitions instead of the stored flow...

9.8CVSS6.5AI score0.98191EPSS
Exploits20References12
Rows per page
Query Builder