Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Langflow — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting Langflow. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Langflow serves as a low-code platform for building LLM-powered applications, enabling users to create AI workflows through visual interfaces. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and insecure default configurations. The platform's open-source nature and rapid development cycles have contributed to these security challenges. While no major public incidents have been widely documented, the six CVEs on record highlight consistent security concerns, particularly around authentication flaws and insecure API endpoints. Users should implement strict input sanitization and access controls when deploying Langflow in production environments.

Top products by Langflow: Langflow
CVE IDTitleCVSSSeverityPublished
CVE-2026-0772 Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability — LangflowCWE-502 8.8 -2026-01-23
CVE-2026-0771 Langflow PythonFunction Code Injection Remote Code Execution Vulnerability — LangflowCWE-94 9.8 -2026-01-23
CVE-2026-0770 Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability — LangflowCWE-829 9.8 -2026-01-23
CVE-2026-0769 Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability — LangflowCWE-95 9.8 -2026-01-23
CVE-2026-0768 Langflow code Code Injection Remote Code Execution Vulnerability — LangflowCWE-94 9.8 -2026-01-23
CVE-2025-34291 Langflow <= 1.6.9 CORS Misconfiguration to Token Hijack & RCE — LangflowCWE-346 8.8 -2025-12-05

This page lists every published CVE security advisory associated with Langflow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.