VYPR

Langflow

by Langflow AI

pypi: langflow

Source repositories

CVEs (48)

  • CVE-2026-5022 | Med | Mar 27, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    The '/api/v1/files/images/{flow_id}/{file_name}' endpoint does not enforce any authentication or authorization checks, allowing any unauthenticated user to download images belonging to any flow by knowing (or guessing) the flow ID and file name.

  • CVE-2026-6600 | Low | Apr 20, 2026
    risk 0.16 | cvss 3.5 | epss 0.00

    A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx of the component Frontend React Component Rendering. Executing a manipulation can…

  • CVE-2025-3248 | KEV | Apr 7, 2025
    risk 0.16 | cvss n/a | epss 1.00

    Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.

  • CVE-2026-0770 | Jan 23, 2026
    risk 0.04 | cvss n/a | epss 0.10

    Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this…

  • CVE-2024-48061 | Nov 4, 2024
    risk 0.01 | cvss n/a | epss 0.01

    langflow <=1.0.18 is vulnerable to Remote Code Execution (RCE) because every component is given code-execution functionality and components run on the local machine rather than in a sandbox.

  • CVE-2024-42835 | Oct 31, 2024
    risk 0.01 | cvss n/a | epss 0.01

    langflow v1.0.12 was discovered to contain a remote code execution (RCE) vulnerability via the PythonCodeTool component.

  • CVE-2026-12822 | Jun 21, 2026
    risk 0.00 | cvss n/a | epss 0.00

    A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown function of the component Bundle URL Loader. The manipulation leads to code injection. The attack needs to be performed locally. The vendor was contacted early about this disclosure but…

  • CVE-2026-55423 | Jun 19, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Summary: The logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. Details: Not in auto login mode. Hosted on localhost. `access_token_lf` remains present in both Local Storage and Cookies. `refresh_token_lf`…

  • CVE-2026-48520 | Jun 16, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Summary: The "Shareable Playground" (or "Public Flows" in code) contains a potential arbitrary file-read vulnerability, depending on the exact flow configuration used. By making a flow public, public execution of the flow is allowed. The execution request can contain a list…

  • CVE-2026-42867 | Jun 16, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Summary: Langflow is vulnerable to Path Traversal in the Knowledge Bases API (`POST /api/v1/knowledge_bases`). This occurs because user-supplied knowledge base names are used directly to create file paths without proper sanitization or containment checks. An authenticated…

  • CVE-2026-5027 | Mar 27, 2026
    risk 0.00 | cvss n/a | epss 0.02

    The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences ('../').

  • CVE-2026-33497 | Mar 24, 2026
    risk 0.00 | cvss n/a | epss 0.08

    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.1, in the download_profile_picture function of the /profile_pictures/{folder_name}/{file_name} endpoint, the folder_name and file_name parameters are not strictly filtered, which…

  • CVE-2026-33484 | Mar 24, 2026
    risk 0.00 | cvss n/a | epss 0.06

    Langflow is a tool for building and deploying AI-powered agents and workflows. In versions 1.0.0 through 1.8.1, the `/api/v1/files/images/{flow_id}/{file_name}` endpoint serves image files without any authentication or ownership check. Any unauthenticated request with a known…

  • CVE-2026-33475 | Mar 24, 2026
    risk 0.00 | cvss n/a | epss 0.03

    Langflow is a tool for building and deploying AI-powered agents and workflows. An unauthenticated remote shell injection vulnerability exists in multiple GitHub Actions workflows in the Langflow repository prior to version 1.9.0. Unsanitized interpolation of GitHub context…

  • CVE-2026-33309 | Mar 24, 2026
    risk 0.00 | cvss n/a | epss 0.01

    Langflow is a tool for building and deploying AI-powered agents and workflows. Versions 1.2.0 through 1.8.1 have a bypass of the patch for CVE-2025-68478 (External Control of File Name), leading to the root architectural issue within `LocalStorageService` remaining unresolved.…

  • CVE-2026-33053 | Mar 20, 2026
    risk 0.00 | cvss n/a | epss 0.00

    Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the delete_api_key_route() endpoint accepts an api_key_id path parameter and deletes it with only a generic authentication check (get_current_active_user dependency).…

  • CVE-2026-27966 | Feb 26, 2026
    risk 0.00 | cvss n/a | epss 0.34

    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.8.0, the CSV Agent node in Langflow hardcodes `allow_dangerous_code=True`, which automatically exposes LangChain’s Python REPL tool (`python_repl_ast`). As a result, an attacker…

  • CVE-2026-0772 | Jan 23, 2026
    risk 0.00 | cvss n/a | epss 0.01

    Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is required to exploit this vulnerability. The specific flaw…

  • CVE-2026-0771 | Jan 23, 2026
    risk 0.00 | cvss n/a | epss 0.01

    Langflow PythonFunction Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Attack vectors and exploitability will vary depending on the configuration of the product. The…

  • CVE-2026-0769 | Jan 23, 2026
    risk 0.00 | cvss n/a | epss 0.34

    Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw…
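Two of the entries above name concrete HTTP endpoints: the unauthenticated code injection in `/api/v1/validate/code` (CVE-2025-3248, listed in KEV with EPSS 1.00) and the unauthenticated image read at `/api/v1/files/images/{flow_id}/{file_name}` (CVE-2026-5022 and CVE-2026-33484). The script below is an added example written for this page, not code from Langflow or from VYPR: it parses reverse-proxy access logs in nginx "combined" format and flags requests to those two paths. The log lines, the internal network list and the severity rules are all constructed assumptions. An access log does not show whether a request carried a valid token, so hits from the legitimate UI also appear; severity is therefore derived only from the source address and the response status, and a high-severity finding is a prompt to check the instance version and the request body, not proof of compromise.

```python
import ipaddress
import re

# Constructed access-log lines in nginx "combined" format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [07/Apr/2025:10:15:01 +0000] "POST /api/v1/validate/code HTTP/1.1" 200 512 "-" "python-requests/2.31.0"
10.0.0.5 - - [07/Apr/2025:10:15:09 +0000] "GET /api/v1/flows/ HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
198.51.100.23 - - [07/Apr/2025:10:16:30 +0000] "GET /api/v1/files/images/6f1c2a3e-8b4d-4e5f-9a1b-2c3d4e5f6a7b/diagram.png HTTP/1.1" 200 40231 "-" "curl/8.4.0"
127.0.0.1 - - [07/Apr/2025:10:17:02 +0000] "POST /api/v1/validate/code HTTP/1.1" 200 480 "http://localhost:7860/flow/abc" "Mozilla/5.0"
203.0.113.7 - - [07/Apr/2025:10:17:40 +0000] "POST /api/v1/validate/code HTTP/1.1" 401 30 "-" "python-requests/2.31.0"
"""

# nginx combined format: ip ident user [time] "method path proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

UUID = r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"

# (method, path pattern, advisory) for the endpoints the page describes.
RULES = [
    ("POST", re.compile(r"^/api/v1/validate/code(\?|$)"), "CVE-2025-3248"),
    ("GET", re.compile(rf"^/api/v1/files/images/{UUID}/[^/?]+(\?|$)"), "CVE-2026-5022"),
]

# Assumed address space of the deployment's own network; adjust per site.
INTERNAL_NETS = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")
]


def parse_line(line):
    """Return the fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def is_internal(ip_text):
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False
    return any(ip in net for net in INTERNAL_NETS)


def classify(rec):
    """Match a parsed request against RULES; return a finding dict or None."""
    for method, pattern, cve in RULES:
        if rec["method"] == method and pattern.match(rec["path"]):
            break
    else:
        return None
    external = not is_internal(rec["ip"])
    served = 200 <= rec["status"] < 300
    if served and external:
        severity = "high"      # sensitive endpoint answered a request from outside
    elif served:
        severity = "medium"    # answered, but from inside; could be normal UI traffic
    else:
        severity = "low"       # rejected (e.g. 401/404), still worth counting per source
    return {
        "ip": rec["ip"], "ts": rec["ts"], "method": rec["method"], "path": rec["path"],
        "status": rec["status"], "cve": cve, "severity": severity,
    }


def scan(text):
    """Run every line through parse_line/classify; return the list of findings in log order."""
    findings = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        finding = classify(rec)
        if finding:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"[{f['severity']:6}] {f['ip']:15} {f['method']} {f['path']} -> {f['status']} ({f['cve']})")
```

Run it against a real log with `scan(open("access.log").read())`; the same rule table can carry the other paths listed on this page (for example `POST /api/v2/files` for CVE-2026-5027) by adding a tuple to `RULES`.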
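Three entries above share one root cause: a caller-controlled name is joined onto a storage directory with no containment check (the multipart `filename` in CVE-2026-5027, the knowledge base name in CVE-2026-42867, and `folder_name`/`file_name` in CVE-2026-33497). The following is an added example, not Langflow's own code, showing the unsafe join beside a hardened version that accepts only a single path component and then independently verifies the resolved path still sits under the base directory. The base directory and the sample names are constructed for the example.

```python
import os

# Constructed base directory for the example; the page does not show Langflow's real storage layout.
BASE_DIR = "/srv/langflow/files"

_FORBIDDEN_NAMES = {"", ".", ".."}


def unsafe_target(base: str, user_name: str) -> str:
    """The pattern the advisories describe: the caller-controlled name is joined onto the
    storage directory with no containment check, so '../' sequences (or an absolute
    path, which os.path.join lets replace the base) walk out of it."""
    return os.path.normpath(os.path.join(base, user_name))


def safe_target(base: str, user_name: str) -> str:
    """Accept only a single path component and verify the result stays under base."""
    if (
        user_name in _FORBIDDEN_NAMES
        or "\x00" in user_name
        or "/" in user_name
        or "\\" in user_name
    ):
        raise ValueError(f"rejected name: {user_name!r}")
    base_abs = os.path.normpath(os.path.abspath(base))
    candidate = os.path.normpath(os.path.join(base_abs, user_name))
    # Second, independent check: whatever the name filter lets through, the final path
    # must have base_abs as a strict ancestor.
    if os.path.commonpath([base_abs, candidate]) != base_abs or candidate == base_abs:
        raise ValueError(f"escapes storage directory: {user_name!r}")
    return candidate


def triage(names):
    """For each name, report where the unsafe join would write and what the safe version
    does. Returns a list of (name, unsafe_path, safe_path_or_REJECTED)."""
    rows = []
    for name in names:
        try:
            safe = safe_target(BASE_DIR, name)
        except ValueError as exc:
            safe = f"REJECTED ({exc})"
        rows.append((name, unsafe_target(BASE_DIR, name), safe))
    return rows


# Constructed benign and attacker-style inputs.
SAMPLE_NAMES = [
    "report.csv",
    "../../../etc/cron.d/langflow",
    "/etc/passwd",
    "..",
    "docs/notes.txt",
]

if __name__ == "__main__":
    for name, unsafe, safe in triage(SAMPLE_NAMES):
        print(f"{name!r:35} unsafe -> {unsafe:40} safe -> {safe}")
```

The second check is deliberately redundant with the first: if a later change relaxes the name filter (for example to allow sub-folders), the `commonpath` test still blocks anything that resolves outside the base. In a real service the base should additionally be resolved with `os.path.realpath` so that symlinks inside the storage directory cannot redirect writes elsewhere.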
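Several entries state an affected version range ("prior to 1.3.0", "1.0.0 through 1.8.1", "up to 1.9.3"). The script below is an added example, not part of the VYPR page or of Langflow: it encodes exactly those stated ranges and reports which of them contain a given version, so an installed `langflow` distribution can be triaged offline against this list. Entries that give no version on this page (for example CVE-2026-5022, CVE-2026-5027 and the ZDI-titled entries) are left out rather than guessed, and CVE-2026-33475 is omitted because it concerns the repository's GitHub Actions workflows rather than the package. The version comparison is a simplified model (three numeric parts, any suffix treated as a pre-release); that is an assumption of this example.

```python
import re
from importlib import metadata

# Affected ranges exactly as the entries on this page state them:
# (CVE, short label, low bound, low inclusive?, high bound, high inclusive?).
# None means the page gives no bound on that side.
ADVISORIES = [
    ("CVE-2025-3248",  "unauthenticated code injection, /api/v1/validate/code", None, False, "1.3.0", False),
    ("CVE-2024-48061", "component code runs unsandboxed", None, False, "1.0.18", True),
    ("CVE-2024-42835", "RCE via PythonCodeTool (page names only 1.0.12)", "1.0.12", True, "1.0.12", True),
    ("CVE-2026-6600",  "frontend edit-message.tsx flaw", None, False, "1.8.3", True),
    ("CVE-2026-12822", "Bundle URL Loader code injection (local)", None, False, "1.9.3", True),
    ("CVE-2026-33497", "profile_pictures path parameters not filtered", None, False, "1.7.1", False),
    ("CVE-2026-33484", "unauthenticated /api/v1/files/images read", "1.0.0", True, "1.8.1", True),
    ("CVE-2026-33309", "bypass of the CVE-2025-68478 fix", "1.2.0", True, "1.8.1", True),
    ("CVE-2026-33053", "delete_api_key_route without ownership check", None, False, "1.9.0", False),
    ("CVE-2026-27966", "CSV Agent allow_dangerous_code=True", None, False, "1.8.0", False),
]

VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(.*)$")


def parse_version(text):
    """Map '1.8.3', 'v1.9.0' or '1.9.0rc1' to a comparable tuple. Any suffix is treated
    as a pre-release that sorts before the plain release of the same number (assumption:
    adequate for triage; use packaging.version for full PEP 440 semantics)."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    major, minor, patch, suffix = m.groups()
    return (int(major), int(minor), int(patch), 0 if suffix else 1)


def in_range(version, low, low_inc, high, high_inc):
    """True if the parsed version tuple lies inside the stated bounds."""
    if low is not None:
        bound = parse_version(low)
        if version < bound or (version == bound and not low_inc):
            return False
    if high is not None:
        bound = parse_version(high)
        if version > bound or (version == bound and not high_inc):
            return False
    return True


def affected(version_text):
    """Return the CVE IDs from ADVISORIES whose stated range contains version_text."""
    v = parse_version(version_text)
    return [cve for cve, _, lo, lo_inc, hi, hi_inc in ADVISORIES
            if in_range(v, lo, lo_inc, hi, hi_inc)]


def installed_version():
    """Version of the langflow distribution in the current environment, or None."""
    try:
        return metadata.version("langflow")
    except metadata.PackageNotFoundError:
        return None


if __name__ == "__main__":
    current = installed_version() or "1.8.1"  # fall back to a sample version when langflow is absent
    hits = affected(current)
    print(f"langflow {current}: {len(hits)} listed advisories in range")
    for cve, label, *_ in ADVISORIES:
        if cve in hits:
            print(f"  {cve}: {label}")
```

An empty result only means none of the ranges this page states include the version; it says nothing about the entries without version data, which still need to be checked against the vendor advisory.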