langflow-ai
AI / MLcommercial
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting langflow-ai.
- CVE-2026-48520Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read6.1
- CVE-2026-33760Langflow: IDOR/BOLA in Monitor API — Missing Ownership Enforcement on 7 Endpoints8.8
- CVE-2026-42867Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint6.5
- CVE-2026-55255Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow9.9
- CVE-2026-55423Langflow: Logout button does not clear session6.1
- CVE-2026-55446Langflow: Unauthenticated DoS through multipart form boundary file upload7.5
- CVE-2026-48519Langflow: Unauthenticated RCE in Shareable Playgrounds9.6
- CVE-2026-55447Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit9.6
- CVE-2026-55450Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak9.3
- CVE-2026-12822langflow-ai langflow Bundle URL Loader code injection5.3
- CVE-2026-42048Langflow: Path Traversal in Langflow Knowledge Bases API9.6
- CVE-2026-7700langflow-ai langflow LambdaFilterComponent lambda_filter.p eval code injection6.3
- CVE-2026-7687langflow-ai langflow Full Builtins code_parser.py CodeParser.parse_callable_details command injection6.3
- CVE-2026-6600langflow-ai langflow Frontend React Component Rendering edit-message.tsx cross site scripting3.5
- CVE-2026-6599langflow-ai langflow Model Context Protocol Configuration API mcp_projects.py install_mcp_config injection6.3