pkg:PyPI/langflow

All known vulnerabilities

• CRITICAL9.8CVE-2026-33017⚠ KEVUnauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint
  from 0, <= 1.8.2
• CRITICAL9.8CVE-2025-3248⚠ KEVLangflow Unauth RCE
  from 0, < 1.3.0
• CRITICAL9.8⚠ KEVLangflow Unauth RCE
  from 0, < 1.3.0
• HIGH8.8⚠ KEVLangflow CORS misconfiguration enables Account Takeover and RCE
  from 0, < 1.7.0
• HIGH8.8⚠ KEVLangflow CORS misconfiguration enables Account Takeover and RCE
  from 0, <= 1.6.9
• CRITICAL9.9Langflow has Authenticated Code Execution in Agentic Assistant Validation
  from 0, < 1.9.0
• CRITICAL9.9Langflow has Authenticated Code Execution in Agentic Assistant Validation
  from 0, < 1.9.0
• CRITICAL9.9Langflow has an Arbitrary File Write (RCE) via v2 API
  >= 1.2.0, < 1.9.0
• CRITICAL9.9Langflow has an Arbitrary File Write (RCE) via v2 API
  >= 1.2.0, < 1.9.0
• CRITICAL9.8Langflow has Remote Code Execution in CSV Agent
  from 0, <= 1.8.0rc2
• CRITICAL9.8Langflow vulnerable to remote code execution
  from 0, <= 1.0.18
• CRITICAL9.8langflow has vulnerability in PythonCodeTool component
  from 0, <= 1.0.12
• CRITICAL9.8langflow has vulnerability in PythonCodeTool component
  from 0, <= 1.0.12
• CRITICAL9.6Langflow Knowledge Bases API is Vulnerable to Path Traversal
  from 0, < 1.9.0
• HIGH8.8Langflow is Missing Ownership Verification in API Key Deletion (IDOR)
  from 0, < 1.9.0
• HIGH8.8Langflow is Missing Ownership Verification in API Key Deletion (IDOR)
  from 0, < 1.7.2
• HIGH8.8Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)
  from 0, < 1.5.1
• HIGH8.8Langflow remote code execution vulnerability
  from 0, < 1.0.15
• HIGH8.8Langflow remote code execution vulnerability
  from 0, < 1.0.0a3
• HIGH7.7Langflow vulnerable to Server-Side Request Forgery
  from 0, < 1.7.1
• HIGH7.5langflow: /profile_pictures/{folder_name}/{file_name} endpoint file reading
  from 0, < 1.7.1
• HIGH7.5langflow: /profile_pictures/{folder_name}/{file_name} endpoint file reading
  from 0, < 1.7.1
• HIGH7.5langflow has Unauthenticated IDOR on Image Downloads
  >= 1.0.0, <= 1.8.1
• HIGH7.5langflow has Unauthenticated IDOR on Image Downloads
  >= 1.0.0, < 1.9.0
• HIGH7.1External Control of File Name or Path in Langflow
  from 0, < 1.7.1
• HIGH7.1External Control of File Name or Path in Langflow
  from 0, < 1.7.0
• MEDIUM6.3Langflow vulnerable to injection
  from 0, <= 1.8.3
• MEDIUM4.3Langflow: Cleartext Storage of Authentication Settings in Project Creation Endpoint
  from 0, < 1.9.1
• LOW3.5Inefficient Regular Expression Complexity in langflow
  from 0, <= 1.0.18
• LOW2.7Langflow has an Information Leak through Incomplete API Key Redaction
  from 0, <= 1.8.3
• —Langflow: Authenticated Users Can Read, Modify, and Delete Any Flow via Missing Ownership Check
  from 0, < 1.5.1
• —Langflow affected by Remote Code Execution via validate_code() exec()
  from 0, <= 1.7.3
• —Langflow Missing Authentication on Critical API Endpoints
  from 0, < 1.7.1