Lucene search
K

240 matches found

Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Langflow < 1.9.2 Multiple Vulnerabilities

The version of Langflow installed on the remote host is prior to 1.9.2. It is, therefore, affected by multiple vulnerabilities: - The Shareable Playground feature enables execution of workflows by unauthenticated users. When the route /api/v1/buildpublictmp executes a flow, it allows providing...

9.6CVSS6.3AI score0.00688EPSS
Exploits2References4
OSV
OSV
added 2026/06/25 6:26 p.m.5 views

GO-2026-5170 OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response in github.com/openfga/openfga

OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response in github.com/openfga/openfga...

7.5CVSS5.8AI score0.00286EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 5:17 p.m.7 views

CVE-2026-48519

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, the "Shareable Playground" or "Public Flows" in code contains a critical RCE vulnerability. Shareable Playground feature works by enabling the execution of workflows by unauthenticated users, by accessi...

9.6CVSS0.00688EPSS
Exploits1References1
NVD
NVD
added 2026/06/23 5:17 p.m.7 views

CVE-2026-48520

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.10.0, the "Shareable Playground" or "Public Flows" in code contains a potential arbitrary file-read vulnerability, depending on the exact flow configuration used. By making a flow public, public execution of...

6.1CVSS0.00269EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/23 4:31 p.m.38 views

CVE-2026-48520 Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.10.0, the "Shareable Playground" or "Public Flows" in code contains a potential arbitrary file-read vulnerability, depending on the exact flow configuration used. By making a flow public, public execution of...

6.1CVSS0.00269EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 4:25 p.m.55 views

CVE-2026-48519

Langflow CVE-2026-48519 exposes unauthenticated RCE via the Shareable Playground. Affected: Langflow prior to 1.9.2. Vulnerable route: /api/v1/build_public_tmp permits executing any public flow; payloads can inject arbitrary Python code into data.nodes[X].data.node.template.code.value. Impact is ...

9.6CVSS6.3AI score0.00688EPSS
Exploits1References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:0 a.m.19 views

Malicious code in @mastra/playground-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f95ef610dd6911f5d9c670d625d68b49c360aa9d92d8aa2532087c32ffb88a2a The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/17 5:0 a.m.7 views

MAL-2026-6033 Malicious code in @mastra/playground-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f95ef610dd6911f5d9c670d625d68b49c360aa9d92d8aa2532087c32ffb88a2a The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/16 5:35 p.m.6 views

GHSA-V5FF-9Q35-Q26F Langflow: Unauthenticated RCE in Shareable Playgrounds

Summary The "Shareable Playground" or "Public Flows" in code contains a critical RCE vulnerability. Simply sharing a flow exposes the deployment to RCE risk by authenticated users. Tested on commit 2d67402b1dbaefcbce85a244d4a6cd5e4bda1cfe Details Shareable Playground feature works by enabling the...

9.6CVSS6AI score0.00688EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/16 5:35 p.m.23 views

Langflow: Unauthenticated RCE in Shareable Playgrounds

Summary The "Shareable Playground" or "Public Flows" in code contains a critical RCE vulnerability. Simply sharing a flow exposes the deployment to RCE risk by authenticated users. Tested on commit 2d67402b1dbaefcbce85a244d4a6cd5e4bda1cfe Details Shareable Playground feature works by enabling the...

9.6CVSS6AI score0.00688EPSS
Exploits1References2Affected Software1
GithubExploit
GithubExploit
added 2026/06/09 6:10 a.m.69 views

VulnBoard

VulnBoard “If you don’t know about attacks, you can’t defend...

5.7AI score
Exploits0
Packet Storm
Packet Storm
added 2026/06/09 12:0 a.m.88 views

📄 Quick Playground for WordPress 1.3.1 Shell Upload

Proof of concept remote shell upload exploit for Quick Playground for WordPress plugin versions 1.3.1 and below. ================================================================================================================================== | Title : Quick Playground for WordPress 1.3.1 —...

9.8CVSS5.5AI score0.03092EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/06/07 8:59 a.m.24 views

CVE-2026-2500

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.4. This is due to the qckplydata function passing the user-supplied filename POST parameter directly to filegetcontents without any validation, sanitization, or path restriction. Th...

4.4CVSS5.4AI score0.00315EPSS
Exploits0References1
NVD
NVD
added 2026/06/06 4:17 a.m.13 views

CVE-2026-2500

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.4. This is due to the qckplydata function passing the user-supplied filename POST parameter directly to filegetcontents without any validation, sanitization, or path restriction. Th...

4.4CVSS0.00315EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/06 2:28 a.m.46 views

CVE-2026-2500 Quick Playground <= 1.3.4 - Authenticated (Administrator+) Arbitrary File Read via 'filename' Parameter

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.4. This is due to the qckplydata function passing the user-supplied filename POST parameter directly to filegetcontents without any validation, sanitization, or path restriction. Th...

4.4CVSS0.00315EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/06 2:28 a.m.10 views

CVE-2026-2500

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.4. This is due to the qckplydata function passing the user-supplied filename POST parameter directly to filegetcontents without any validation, sanitization, or path restriction. Th...

4.4CVSS5.4AI score0.00315EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/06 2:28 a.m.10 views

CVE-2026-2500 Quick Playground <= 1.3.4 - Authenticated (Administrator+) Arbitrary File Read via 'filename' Parameter

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.4. This is due to the qckplydata function passing the user-supplied filename POST parameter directly to filegetcontents without any validation, sanitization, or path restriction. Th...

4.4CVSS5.4AI score0.00315EPSS
Exploits0References4
CVE
CVE
added 2026/06/06 2:28 a.m.31 views

CVE-2026-2500

The Quick Playground WordPress plugin vulnerability (

4.4CVSS5.4AI score0.00315EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/06 2:28 a.m.14 views

EUVD-2026-34953

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.4. This is due to the qckplydata function passing the user-supplied filename POST parameter directly to filegetcontents without any validation, sanitization, or path restriction. Th...

4.4CVSS5.4AI score0.00315EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.17 views

PT-2026-47126

Name of the Vulnerable Software and Affected Versions Quick Playground versions prior to 1.3.5 Description The Quick Playground plugin for WordPress contains a path traversal flaw. The qckply data function processes the filename POST parameter and passes it to file get contents without proper...

4.4CVSS5.4AI score0.00315EPSS
Exploits0References8
Rows per page
Query Builder