Lucene search
K

20 matches found

Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.274 views

Langflow 1.2.x - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Langflow 1.2.x - Remote Code Execution RCE Date: 2025-07-11 Exploit Author: Raghad Abdallah Al-syouf Vendor Homepage: https://github.com/logspace-ai/langflow Software Link: https://github.com/logspace-ai/langflow/releases Version: = 1.2.x Tested on: Ubuntu /...

9.8CVSS7.4AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/28 1:3 a.m.273 views

Exploit for Code Injection in Langflow

CVE-2025-3248 - Langflow Code Validation Endpoint RCE A proof...

9.8CVSS10AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/25 3:40 a.m.337 views

Exploit for Code Injection in Langflow

⚠️ Langflow RCE Exploit Scanner CVE-2025-3248 This Python-b...

9.8CVSS10AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/23 9:36 a.m.199 views

Exploit for Code Injection in Langflow

Langflow CVE-2025-3248 Exploit Tool !Severityhttps://img.s...

9.8CVSS10AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/23 1:23 a.m.280 views

Exploit for Code Injection in Langflow

Langflow RCE Exploit CVE-2025-3248 !Python Versionhttps:...

9.8CVSS10AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/22 4:30 p.m.244 views

Exploit for Code Injection in Langflow

CVE-2025-3248 Langflow RCE Scanner 🔍 Description A powerf...

9.8CVSS10AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/22 3:49 p.m.299 views

Exploit for Code Injection in Langflow

CVE-2025-3248 – Unauthenticated Remote Code Execution in Langf...

9.8CVSS10AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/19 6:30 a.m.289 views

Exploit for Code Injection in Langflow

CVE-2025-3248 — Langflow RCE Exploit Remote Code Execution R...

9.8CVSS10AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/18 3:42 a.m.253 views

Exploit for Code Injection in Langflow

Langflow CVE-2025-3248 Exploit A Python-based exploit for CVE...

9.8CVSS10AI score0.9999EPSS
Exploits33
The Hacker News
The Hacker News
added 2025/06/17 9:32 a.m.21 views

New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. "Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn...

9.8CVSS9.8AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/17 9:6 a.m.271 views

Exploit for Code Injection in Langflow

mitsec - CVE-2025-3248 Langflow RCE Exploit Remote Code Execu...

9.8CVSS10AI score0.9999EPSS
Exploits33
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/06/17 12:0 a.m.8 views

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet

This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data...

9.8CVSS7.1AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/05/27 3:1 a.m.303 views

Exploit for Code Injection in Langflow

CVE-2025-3248 !https://img.shields.io/badge/license-MIT-blu...

9.8CVSS10AI score0.9999EPSS
Exploits33
The Hacker News
The Hacker News
added 2025/05/06 4:24 a.m.35 views

Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence

A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities KEV catalog by the U.S. Cybersecurity and Infrastructure Security Agency CISA, citing evidence of active exploitation. The vulnerability, tracked as...

9.8CVSS10AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/05/05 6:10 p.m.285 views

Exploit for Code Injection in Langflow

CVE-2025-3248 Langflow is a low-code platform primarily us...

9.8CVSS10AI score0.9999EPSS
Exploits33
Exploit DB
Exploit DB
added 2025/04/18 12:0 a.m.254 views

Langflow 1.3.0 - Remote Code Execution (RCE)

Exploit Title: Langflow 1.3.0 - Remote Code Execution RCE Date: 2025-04-17 Exploit Author: VeryLazyTech Vendor Homepage: http://www.langflow.org/ Software Link: https://github.com/langflow-ai/langflow Version: Langflow 1.3.0 Tested on: Windows Server 2019 CVE: CVE-2025-3248 CVE-2025-3248 - Remote...

9.8CVSS7.4AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/04/16 2:0 p.m.284 views

Exploit for Code Injection in Langflow

POC - Remote and unauthenticated attacker can send crafted HTT...

9.8CVSS10AI score0.9999EPSS
Exploits33
Saint
Saint
added 2025/04/11 12:0 a.m.125 views

Langflow /api/v1/validate/code command injection

Added: 04/11/2025 CVE: CVE-2025-3248 Background Langflow is a low-code tool for building AI agents and workflows. Problem A command injection vulnerability in the /api/v1/validate/code API endpoint could allow a remote unauthenticated attacker to execute arbitrary commands by sending a specially...

9.8CVSS8.8AI score0.9999EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/04/10 2:4 p.m.373 views

Exploit for Code Injection in Langflow

CVE-2025-3248-POC POC of CVE-2025-...

9.8CVSS9.9AI score0.9999EPSS
Exploits33
RedhatCVE
RedhatCVE
added 2025/04/09 11:23 p.m.80 views

CVE-2025-3248

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code...

9.8CVSS8.1AI score0.9999EPSS
Exploits33References1
Rows per page
Query Builder