Lucene search
+L

5 matches found

EUVD
EUVD
added 2 days ago6 views

EUVD-2026-45308

IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated remote code execution vulnerability in the public flow build endpoint /api/v1/buildpublictmp/flowid/flow . The vulnerability stems from an incomplete denylist in the validatepublicflownocodeexecution function that fails...

8.1CVSS6.3AI score0.00442EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-13448 Langflow is affected by remote code execution, denial of service, path traversal, and exposed credentials due to multiple unauthenticated and insufficiently authorized API endpoints

IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated remote code execution vulnerability in the public flow build endpoint /api/v1/buildpublictmp/flowid/flow . The vulnerability stems from an incomplete denylist in the validatepublicflownocodeexecution function that fails...

8.1CVSS0.00442EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/22 10:1 p.m.109 views

Exploit for Code Injection in Langflow

CVE-2026-33017 — Langflow Unauthenticated Remote Code Executio...

9.8CVSS6.7AI score0.98191EPSS
Exploits22
Vulnrichment
Vulnrichment
added 2026/03/20 4:52 a.m.6 views

CVE-2026-33017 Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses...

9.3CVSS7.9AI score0.98191EPSS
Exploits22References3
VulnCheck KEV
VulnCheck KEV
added 2026/03/19 12:0 a.m.45 views

VulnCheck KEV: CVE-2026-33017

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses...

9.8CVSS6.2AI score0.9999EPSS
In wildExploits54References8
Rows per page
Query Builder