CVE-2026-55255
Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow
Description
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference (IDOR) vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request. This vulnerability is fixed in 1.9.2.
In plain language
AI Worth attentionIn Langflow, an authenticated attacker can use another user’s flow ID to run that other flow via the /api/v1/responses endpoint—this is serious if you have untrusted users who can log in, and you should upgrade to 1.9.2.
CVE-2026-55255 is an IDOR in Langflow’s /api/v1/responses endpoint that lets authenticated attackers access and execute another user’s flow by supplying the victim’s flow ID in their request; fixed in langflow 1.9.2.
What to do now
- Check your Langflow version and confirm whether you are running a version older than 1.9.2.
- If you are older than 1.9.2, plan an upgrade to Langflow 1.9.2 as soon as possible.
- Review who has accounts that can access Langflow and treat any “guest” or contractor accounts as untrusted unless needed.
- After upgrading, verify that requests to /api/v1/responses only allow access to flows owned by the logged-in user.
CVSS Vector Breakdown
AV:NAttack VectorAC:LAttack ComplexityPR:LPrivileges RequiredUI:NUser InteractionS:CScopeC:HConfidentialityI:HIntegrityA:LAvailabilityWeaknesses
Affected Products
Exploitability
Attack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
1 techniqueReferences
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-55255 and every CVE in our database. Create a free account — no credit card required.
Create Free Account