Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Langflow < 1.9.1 Multiple Vulnerabilities

The version of Langflow installed on the remote host is prior to 1.9.1. It is, therefore, affected by multiple vulnerabilities: - An Insecure Direct Object Reference IDOR vulnerability in the /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user...

9.3CVSS6.3AI score0.0056EPSS
Exploits3References4
VulnCheck KEV
VulnCheck KEV
added 2026/06/26 12:0 a.m.27 views

VulnCheck KEV: CVE-2026-55255

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

9.9CVSS5.8AI score0.0056EPSS
In wildExploits2References2
Vulnrichment
Vulnrichment
added 2026/06/23 4:28 p.m.5 views

CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

8.4CVSS6.2AI score0.0056EPSS
Exploits2References3
Cvelist
Cvelist
added 2026/06/23 4:28 p.m.67 views

CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

8.4CVSS0.0056EPSS
Exploits2References3
EUVD
EUVD
added 2026/06/23 4:28 p.m.9 views

EUVD-2026-38517

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

9.9CVSS5.9AI score0.0056EPSS
Exploits2References2
OSV
OSV
added 2026/06/23 4:28 p.m.6 views

CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

8.4CVSS6.2AI score0.0056EPSS
Exploits2References7
CVE
CVE
added 2026/06/23 4:28 p.m.353 views

CVE-2026-55255

Summary of technical details : CVE-2026-55255 is an IDOR in Langflow prior to version 1.9.1 where an authenticated user could trigger a victim’s flow by supplying the victim’s flow UUID to the /api/v1/responses endpoint. The root cause is in get_flow_by_id_or_endpoint_name(), which could load a F...

8.4CVSS6AI score0.0056EPSS
In wildExploits2References5Affected Software1
OSV
OSV
added 2026/06/19 9:16 p.m.9 views

GHSA-QRPV-Q767-XQQ2 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

Summary Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request. Details The vulnerability exists in the getflowbyidorendpointname helper...

8.4CVSS6AI score0.0056EPSS
Exploits2References8
Github Security Blog
Github Security Blog
added 2026/06/19 9:16 p.m.11 views

Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

Summary Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request. Details The vulnerability exists in the getflowbyidorendpointname helper...

8.4CVSS6AI score0.0056EPSS
Exploits2References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.26 views

PT-2026-51099

Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.9.2 Description An Insecure Direct Object Reference IDOR issue exists in the /api/v1/responses endpoint. This occurs because the get flow by id or endpoint name function in src/backend/base/langflow/helpers/flow.py...

8.4CVSS6.3AI score0.0056EPSS
Exploits2References59
NVD
NVD
added 2026/05/15 8:16 p.m.17 views

CVE-2026-44556

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS0.00306EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/15 7:46 p.m.9 views

CVE-2026-44556 Open WebUI: responses passthrough endpoint lacks access control authorization

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS5.9AI score0.00306EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 7:46 p.m.14 views

EUVD-2026-30624

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS6AI score0.00306EPSS
Exploits0References1
CVE
CVE
added 2026/05/15 7:46 p.m.24 views

CVE-2026-44556

Open WebUI vulnerability CVE-2026-44556 affects the /api/openai/responses endpoint, where the proxy forwards requests to upstream LLMs without enforcing per-model access control. Pre-0.9.0, any authenticated user could interact with any configured model by POSTing to /responses with an arbitrary ...

7.1CVSS6AI score0.00306EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/15 7:46 p.m.40 views

CVE-2026-44556 Open WebUI: responses passthrough endpoint lacks access control authorization

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS0.00306EPSS
Exploits0References1
OSV
OSV
added 2026/05/15 7:46 p.m.2 views

CVE-2026-44556 Open WebUI: responses passthrough endpoint lacks access control authorization

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While...

7.1CVSS6.1AI score0.00306EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.9 views

Open WebUI 访问控制错误漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Prior to Open WebUI 0.9.0, there was an access control vulnerability. This vulnerability stemmed from the /responses endpoint in the OpenAI router, which accepted any authenticated user and directly...

7.1CVSS5.8AI score0.00306EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/08 7:45 p.m.9 views

Missing Authorization

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Missing Authorization through the /responses endpoint, which fails to enforce per-model access control. An attacker can interact with any configured model, including those restricted by administrators, by...

7.1CVSS5.9AI score0.00306EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/08 7:45 p.m.11 views

Open WebUI's responses passthrough endpoint lacks access control authorization

Summary The /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While the primary chat completion endpoint generatechatcompletion checks model ownership, group membership, and...

7.1CVSS6AI score0.00306EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/08 7:45 p.m.6 views

GHSA-HP5M-24VP-VQ2Q Open WebUI's responses passthrough endpoint lacks access control authorization

Summary The /responses endpoint in the OpenAI router accepts any authenticated user and forwards requests directly to upstream LLM providers without enforcing per-model access control. While the primary chat completion endpoint generatechatcompletion checks model ownership, group membership, and...

7.1CVSS6AI score0.00306EPSS
Exploits0References4
Rows per page
Query Builder