CVE Tools
Back to feed
Help Net Security ·EN-US News source Exploited in the wildLangflow

Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)

By Zeljka Zorz··2 min read
CVE Tools coverage

Attackers are exploiting a recently cataloged vulnerability in Langflow (CVE-2026-55255), an open-source AI workflow framework, to harvest credentials and sensitive data. CISA added this insecure direct object reference (IDOR) flaw to its Known Exploited Vulnerabilities list on July 7, following active exploitation observed by the Sysdig Threat Research Team. The flaw enables authenticated attackers to execute another user’s flow using just the flow ID, potentially leading to cross-tenant data exposure and secret theft. Federal agencies have until July 10 to apply the fix, as mitigation is critical due to ongoing attacks.