Lucene search
K

4 matches found

OSV
OSV
added last week7 views

PYSEC-2026-1524 Langflow Missing Authentication on Critical API Endpoints

Summary Multiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal dat...

9.3CVSS6AI score0.20655EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2026/01/02 9:11 p.m.13 views

Langflow Missing Authentication on Critical API Endpoints

Summary Multiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal dat...

9.3CVSS7.3AI score0.20655EPSS
Exploits1References5Affected Software2
OSV
OSV
added 2026/01/02 9:11 p.m.10 views

GHSA-C5CP-VX83-JHQX Langflow Missing Authentication on Critical API Endpoints

Summary Multiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal dat...

9.3CVSS7.2AI score0.20655EPSS
Exploits1References5
Prion
Prion
added 2023/04/28 7:15 p.m.17 views

Cross site scripting

An issue was discovered in ebankIT before 7. Document Object Model based XSS exists within the /Security/Transactions/Transactions.aspx endpoint. Users can supply their own JavaScript within the ctl100$ctl00MainContent$TransactionMainContent$accControl$hdnAccountsArray POST parameter that will be...

5.8CVSS5.9AI score0.00535EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder