langflow-ai

Top products

The 15 most recently published vulnerabilities affecting langflow-ai.

• CVE-2026-12822langflow-ai langflow Bundle URL Loader code injection5.3Jun 21, 2026
• CVE-2026-42048Langflow: Path Traversal in Langflow Knowledge Bases API9.6May 12, 2026
• CVE-2026-7700langflow-ai langflow LambdaFilterComponent lambda_filter.p eval code injection6.3May 3, 2026
• CVE-2026-7687langflow-ai langflow Full Builtins code_parser.py CodeParser.parse_callable_details command injection6.3May 3, 2026
• CVE-2026-6600langflow-ai langflow Frontend React Component Rendering edit-message.tsx cross site scripting3.5Apr 20, 2026
• CVE-2026-6599langflow-ai langflow Model Context Protocol Configuration API mcp_projects.py install_mcp_config injection6.3Apr 20, 2026
• CVE-2026-6598langflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in file4.3Apr 20, 2026
• CVE-2026-6597langflow-ai langflow Flow Using API core.py has_api_terms credentials storage2.7Apr 20, 2026
• CVE-2026-6596langflow-ai langflow API Endpoint endpoints.py create_upload_file unrestricted upload7.3Apr 20, 2026
• CVE-2026-34046Langflow: Authenticated Users Can Read, Modify, and Delete Any Flow via Missing Ownership Check8.8Mar 27, 2026
• CVE-2026-33873Langflow has Authenticated Code Execution in Agentic Assistant Validation9.9Mar 27, 2026
• CVE-2026-5027Langflow - Path Traversal Arbitrary File Write via upload_user_file8.8Mar 27, 2026
• CVE-2026-5026Langflow - Stored XSS via Malicious SVG Upload5.4Mar 27, 2026
• CVE-2026-5025Langflow - Application Logs Exposed to All Authenticated Users6.5Mar 27, 2026
• CVE-2026-5022Langflow - Missing Authorization on download_image Endpoint5.3Mar 27, 2026