Lucene search
K

749 matches found

GithubExploit
GithubExploit
added 2025/07/03 7:51 p.m.345 views

Exploit for Code Injection in Langflow

CVE-2024-48061 Langflow vulnerable to remote code execution...

9.8CVSS7AI score0.01318EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/06/28 1:3 a.m.267 views

Exploit for Code Injection in Langflow

CVE-2025-3248 - Langflow Code Validation Endpoint RCE A proof...

9.8CVSS10AI score0.99968EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/25 3:40 a.m.324 views

Exploit for Code Injection in Langflow

⚠️ Langflow RCE Exploit Scanner CVE-2025-3248 This Python-b...

9.8CVSS10AI score0.99968EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/23 9:36 a.m.193 views

Exploit for Code Injection in Langflow

Langflow CVE-2025-3248 Exploit Tool !Severityhttps://img.s...

9.8CVSS10AI score0.99968EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/23 1:23 a.m.275 views

Exploit for Code Injection in Langflow

Langflow RCE Exploit CVE-2025-3248 !Python Versionhttps:...

9.8CVSS10AI score0.99968EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/22 4:30 p.m.238 views

Exploit for Code Injection in Langflow

CVE-2025-3248 Langflow RCE Scanner 🔍 Description A powerf...

9.8CVSS10AI score0.99968EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/22 3:49 p.m.293 views

Exploit for Code Injection in Langflow

CVE-2025-3248 – Unauthenticated Remote Code Execution in Langf...

9.8CVSS10AI score0.99968EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/19 6:30 a.m.247 views

Exploit for Code Injection in Langflow

CVE-2025-3248 — Langflow RCE Exploit Remote Code Execution R...

9.8CVSS10AI score0.99968EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/18 7:27 p.m.262 views

Exploit for Code Injection in Langflow

CVE-2025-3248 — Langflow AI Remote Code Execution Unauthentic...

9.8CVSS10AI score0.99968EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/18 3:42 a.m.246 views

Exploit for Code Injection in Langflow

Langflow CVE-2025-3248 Exploit A Python-based exploit for CVE...

9.8CVSS10AI score0.99968EPSS
Exploits33
OSV
OSV
added 2025/06/17 8:14 p.m.4 views

GHSA-RVQX-WPFH-MFX7 Langflow Unauth RCE

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code...

9.3CVSS8.3AI score0.99968EPSS
Exploits49References9
Github Security Blog
Github Security Blog
added 2025/06/17 8:14 p.m.21 views

Langflow Unauth RCE

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code...

9.8CVSS9.9AI score0.99968EPSS
Exploits33References9Affected Software2
The Hacker News
The Hacker News
added 2025/06/17 9:32 a.m.21 views

New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. "Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn...

9.8CVSS9.8AI score0.99968EPSS
Exploits33
GithubExploit
GithubExploit
added 2025/06/17 9:6 a.m.264 views

Exploit for Code Injection in Langflow

mitsec - CVE-2025-3248 Langflow RCE Exploit Remote Code Execu...

9.8CVSS10AI score0.99968EPSS
Exploits33
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/06/17 12:0 a.m.8 views

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet

This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data...

9.8CVSS7.1AI score0.99968EPSS
Exploits33
BDU FSTEC
BDU FSTEC
added 2025/06/13 12:0 a.m.6 views

The vulnerability of the HTTP Request Handler component of the Langflow agent and workflow creation/ deployment tool allows a attacker to execute arbitrary code.

The vulnerability of the HTTP Request Handler component of the Langflow agent and process creation/ deployment tool is related to the lack of authentication for the critical function. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.5AI score0.99968EPSS
Exploits33References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/04 12:0 a.m.10 views

Langflow Chatbot Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Langflow chatbot on the target application. Langflow is an open-source visual framework for building multi-agent and RAG. This detection is included in the AI and LLM category. No source data...

7.2AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:36 a.m.9 views

CVE-2024-9277

A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...

6.5CVSS6.7AI score0.00896EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 8:45 a.m.30 views

CVE-2024-37014

Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "POST /api/v1/customcomponent" endpoint and provide a Python script...

9.8CVSS7.7AI score0.00923EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:22 a.m.9 views

CVE-2024-48061

langflow =1.0.18 is vulnerable to Remote Code Execution RCE as any component provided the code functionality and the components run on the local machine rather than in a sandbox...

9.8CVSS7.4AI score0.01318EPSS
Exploits2References1
Rows per page
Query Builder