CVE-2026-55255
Summary of technical details : CVE-2026-55255 is an IDOR in Langflow prior to version 1.9.1 where an authenticated user could trigger a victim’s flow by supplying the victim’s flow UUID to the /api/v1/responses endpoint. The root cause is in get_flow_by_id_or_endpoint_name(), which could load a F...