Help Net Security ·EN-US News source Exploited in the wildLangflow
Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)
CVE Tools coverage
Attackers are exploiting a recently cataloged vulnerability in Langflow (CVE-2026-55255), an open-source AI workflow framework, to harvest credentials and sensitive data. CISA added this insecure direct object reference (IDOR) flaw to its Known Exploited Vulnerabilities list on July 7, following active exploitation observed by the Sysdig Threat Research Team. The flaw enables authenticated attackers to execute another user’s flow using just the flow ID, potentially leading to cross-tenant data exposure and secret theft. Federal agencies have until July 10 to apply the fix, as mitigation is critical due to ongoing attacks.