749 matches found
Exploit for Code Injection in Langflow
CVE-2024-48061 Langflow vulnerable to remote code execution...
Exploit for Code Injection in Langflow
CVE-2025-3248 - Langflow Code Validation Endpoint RCE A proof...
Exploit for Code Injection in Langflow
⚠️ Langflow RCE Exploit Scanner CVE-2025-3248 This Python-b...
Exploit for Code Injection in Langflow
Langflow CVE-2025-3248 Exploit Tool !Severityhttps://img.s...
Exploit for Code Injection in Langflow
Langflow RCE Exploit CVE-2025-3248 !Python Versionhttps:...
Exploit for Code Injection in Langflow
CVE-2025-3248 Langflow RCE Scanner 🔍 Description A powerf...
Exploit for Code Injection in Langflow
CVE-2025-3248 – Unauthenticated Remote Code Execution in Langf...
Exploit for Code Injection in Langflow
CVE-2025-3248 — Langflow RCE Exploit Remote Code Execution R...
Exploit for Code Injection in Langflow
CVE-2025-3248 — Langflow AI Remote Code Execution Unauthentic...
Exploit for Code Injection in Langflow
Langflow CVE-2025-3248 Exploit A Python-based exploit for CVE...
GHSA-RVQX-WPFH-MFX7 Langflow Unauth RCE
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code...
Langflow Unauth RCE
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code...
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. "Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn...
Exploit for Code Injection in Langflow
mitsec - CVE-2025-3248 Langflow RCE Exploit Remote Code Execu...
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data...
The vulnerability of the HTTP Request Handler component of the Langflow agent and workflow creation/ deployment tool allows a attacker to execute arbitrary code.
The vulnerability of the HTTP Request Handler component of the Langflow agent and process creation/ deployment tool is related to the lack of authentication for the critical function. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Langflow Chatbot Detected
This is an informational plugin to inform the user that the scanner has detected a publicly accessible Langflow chatbot on the target application. Langflow is an open-source visual framework for building multi-agent and RAG. This detection is included in the AI and LLM category. No source data...
CVE-2024-9277
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...
CVE-2024-37014
Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "POST /api/v1/customcomponent" endpoint and provide a Python script...
CVE-2024-48061
langflow =1.0.18 is vulnerable to Remote Code Execution RCE as any component provided the code functionality and the components run on the local machine rather than in a sandbox...