Critical Vulnerability Information Vulnerability Name Privilege Escalation via CLI Superuser Creation (Post-RCE) Affected Versions Langflow < 1.5.1 Vulnerability Severity CVSS v3 Base Score: 8.8/10 Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality Impact: High Integrity Impact: High Availability Impact: High Vulnerability Description This vulnerability exists in the Langflow container, allowing an authenticated user with RCE access to invoke the internal CLI command to create a new administrator user. This results in full superuser access, even if the user initially logged in via the UI with a regular (non-admin) account. Vulnerability Details The Langflow Docker image includes a CLI binary located at , which exposes sensitive commands, including . This command allows creation of a new superuser without checking whether one already exists. Combined with code execution (e.g., via the authenticated endpoint), a low-privileged user can execute within the container to create a superuser and escalate their privileges. PoC Steps 1. Start the container and set to True. 2. Access http://localhost:7860 and register a user. (Your user will not be marked as a superuser.) 3. Exploit to obtain a reverse shell. 4. Within the reverse shell, create a superuser: - - Enter a username and password. 5. Log in with the newly created superuser account. Impact Privilege escalation to superuser — full takeover of the Langflow instance. Access to all user data, workflows, stored credentials, and configurations. Credential leakage — attackers can extract third-party API keys. Exposure of environment variables (within the Docker container). Ability to run additional Langflow instances within the container using , potentially leading to resource exhaustion (CPU, memory) and service degradation. Full user management — superuser can delete other users or reset their passwords.