Langflow

An authenticated remote attacker can exploit multiple unspecified vulnerabilities in Langflow to achieve arbitrary code execution.

Multiple vulnerabilities in Langflow allow an attacker to manipulate files, disclose sensitive information, or conduct cross-site scripting attacks.

An unrestricted file upload vulnerability in langflow-ai langflow versions up to 1.1.0 allows remote attackers to execute arbitrary code via the create_upload_file function in the API Endpoint.

IBM Langflow Desktop versions 1.6.0 through 1.8.2 is vulnerable to arbitrary code execution due to insecure deserialization of untrusted data, allowing an authenticated user to execute code on the system.

An authenticated, remote attacker can exploit a vulnerability in Langflow to manipulate files, potentially leading to unauthorized data modification or application compromise.

Langflow versions 1.5.0 and earlier contain an IDOR vulnerability (CVE-2026-34046) that allows authenticated users to read, modify, and delete flows belonging to other users due to a missing ownership check, potentially exposing sensitive information and enabling unauthorized control over AI agent logic.

A vulnerability in Langflow allows an attacker to execute arbitrary code, potentially leading to system compromise.

Multiple vulnerabilities in Langflow could be exploited by an attacker to execute arbitrary program code, disclose information, and potentially manipulate data, leading to potential system compromise.

A critical remote code execution vulnerability, CVE-2026-33017, exists in Langflow AI pipelines prior to version 1.9.0 that allows an unauthenticated remote attacker to execute code with full server process privileges, impacting availability, integrity, and confidentiality.