Lucene search
K

774 matches found

Nuclei
Nuclei
added 18 hours ago11 views

Langflow <= 1.8.4 - Path Traversal to RCE via File Upload

The application contains a path traversal vulnerability caused by unsanitized 'filename' parameter in the 'POST /api/v2/files' multipart form data, letting attackers write files to arbitrary filesystem locations, exploit requires crafted request. id: CVE-2026-5027 info: name: Langflow = 1.8.4 -...

8.8CVSS6.2AI score0.31405EPSS
Exploits4References3
Nuclei
Nuclei
added 18 hours ago17 views

Langflow - Broken Access Control

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories...

9.3CVSS7.1AI score0.20655EPSS
Exploits1References2
Nuclei
Nuclei
added 18 hours ago123 views

Langflow AI <= 1.6.9 - CORS Misconfiguration

Langflow AI versions 1.6.9 and earlier are vulnerable to a CORS misconfiguration that allows any origin to make credentialed requests. Combined with SameSite=None cookies, this enables cross-origin token theft and subsequent remote code execution via the /api/v1/validate/code endpoint. id:...

9.4CVSS7.5AI score0.7889EPSS
Exploits3References3
Nuclei
Nuclei
added 18 hours ago29 views

Langflow < 1.3.0 - Remote Code Execution via validate_code() exec()

Langflow contains a remote code execution caused by inclusion of functionality from untrusted control sphere in the execglobals parameter at the validate endpoint, letting remote attackers execute arbitrary code as root, exploit requires no authentication. id: CVE-2026-0770 info: name: Langflow...

9.8CVSS7.5AI score0.10371EPSS
Exploits8References3
Nuclei
Nuclei
added 2 days ago39 views

Langflow < 1.9.0 - Remote Code Execution

Langflow versions prior to 1.9.0 are vulnerable to unauthenticated remote code execution RCE via the buildpublictmp endpoint. Attackers can submit a manipulated flow JSON containing Python code that is executed during the build process without proper sandboxing. id: CVE-2026-33017 info: name:...

9.8CVSS7.5AI score0.98191EPSS
Exploits20References3
Nuclei
Nuclei
added 2 days ago44 views

Langflow AI - Unauthenticated Remote Code Execution

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint.A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code. id: CVE-2025-3248 info: name: Langflow AI - Unauthenticated Remote Code Execution author: nvn172...

9.8CVSS7.4AI score0.9999EPSS
Exploits33References2
The Hacker News
The Hacker News
added 5 days ago13 views

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerabilities are listed below - CVE-2026-48282 CVSS score: 10.0 - A path traversal vulnerability i...

10CVSS8.2AI score0.28583EPSS
Exploits15
OSV
OSV
added 6 days ago6 views

PYSEC-2026-1524 Langflow Missing Authentication on Critical API Endpoints

Summary Multiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal dat...

9.3CVSS6AI score0.20655EPSS
Exploits1References7
OSV
OSV
added 6 days ago6 views

PYSEC-2026-1526 Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)

This vulnerability was discovered by researchers at Check Point. We are sharing this report as part of a responsible disclosure process and are happy to assist in validation and remediation if needed. Summary A privilege escalation vulnerability exists in Langflow containers where an authenticate...

8.8CVSS6.4AI score0.00433EPSS
Exploits0References7
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-7803

IBM Langflow OSS 1.0.0 through 1.10.0 could allow arbitrary code execution due to improper validation of flow nodes with missing or empty component type fields...

9.8CVSS0.00357EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-7663

IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...

9.8CVSS0.00259EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 8:17 p.m.5 views

CVE-2026-7871

IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis access to execute arbitrary code with full application privileges, compromising all secrets, data, and system integrity...

9.8CVSS0.00386EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-7873

IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated attackers to execute arbitrary OS commands and read sensitive files including credentials, enabling complete system compromise and lateral movement...

9.9CVSS0.00294EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-7874

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow disclosure of all stored credentials due to the use of a weak and reversible key derivation mechanism for encryption at rest...

9.1CVSS0.00164EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-10140

IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials,...

9.6CVSS0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 8:17 p.m.5 views

CVE-2026-10546

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

7.1CVSS0.00146EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 8:17 p.m.5 views

CVE-2026-10560

IBM Langflow OSS 1.0.0 through 1.9.6 contains a missing authentication vulnerability in /api/v1/buildpublictmp/ endpoints that allows an unauthenticated attacker to read build event data or cancel jobs using a valid job identifier, resulting in information disclosure and denial of service...

9.1CVSS0.00272EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 8:17 p.m.5 views

CVE-2026-10564

IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery SSRF. The legacy RSSReaderComponent in rss.py and SearXNG component in searxng.py make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3. An authenticated attacker c...

8.2CVSS0.00199EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 8:17 p.m.1 views

CVE-2026-10546

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

6.5CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-10129

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF protection bypass vulnerability in the API Request component. An authenticated attacker with low-level privileges flow author role can bypass SSRF protections by enabling the followredirects parameter and supplying a...

8.5CVSS0.00185EPSS
Exploits0References1
Rows per page
Query Builder