V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Filters

All vulnerabilities

35 / 35
Product: langflow:langflow×Clear all
9.8
CVE-2025-3248ANC KEV
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/cod…
2025-01-01KEV
EPSS100.0%
pct 99
9.3
CVE-2026-33017ANC KEV
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prio…
2026-01-01KEV
EPSS98.4%
pct 99
9.8
CVE-2026-0769CVE
Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability. This vu…
2026-01-01Pre-auth
EPSS35.5%
pct 98
9.8
CVE-2026-27966CVE
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version…
2026-01-01Pre-auth
EPSS33.7%
pct 98
9.4
CVE-2025-34291ANC KEV
Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables accoun…
2025-01-01KEV
EPSS25.2%
pct 97
8.8
CVE-2024-7297CVE
Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a …
2024-01-01
EPSS21.3%
pct 97
8.8
CVE-2026-21445ANC
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version…
2026-01-01Pre-auth
EPSS21.3%
pct 97
9.8
CVE-2026-0770CVE
Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Exec…
2026-01-01Pre-auth
EPSS10.4%
pct 95
8.7
CVE-2026-33497CVE
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version…
2026-01-01Pre-auth
EPSS8.0%
pct 94
6.5
CVE-2025-68477ANC
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version…
2025-01-01
EPSS5.8%
pct 92
9.1
CVE-2026-33475CVE
Langflow is a tool for building and deploying AI-powered agents and workflows. An unauthenticat…
2026-01-01Pre-auth
EPSS3.0%
pct 85
8.8
CVE-2026-5027ANC
The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart…
2026-01-01
EPSS2.3%
pct 80
9.8
CVE-2026-0768CVE
Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows rem…
2026-01-01Pre-auth
EPSS2.0%
pct 78
9.3
CVE-2026-33873ANC
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version…
2026-01-01
EPSS1.4%
pct 69
9.9
CVE-2026-33309CVE
Langflow is a tool for building and deploying AI-powered agents and workflows. Versions 1.2.0 t…
2026-01-01
EPSS1.4%
pct 69
9.8
CVE-2024-48061CVE
langflow <=1.0.18 is vulnerable to Remote Code Execution (RCE) as any component provided the co…
2024-01-01Pre-auth
EPSS1.3%
pct 67
9.8
CVE-2024-42835CVE
langflow v1.0.12 was discovered to contain a remote code execution (RCE) vulnerability via the …
2024-01-01Pre-auth
EPSS1.0%
pct 58
9.8
CVE-2024-37014CVE
Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "…
2024-01-01Pre-auth
EPSS0.9%
pct 55
7.5
CVE-2026-0772CVE
Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability. This…
2026-01-01
EPSS0.9%
pct 54
5.1
CVE-2024-9277CVE
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this …
2024-01-01
EPSS0.9%
pct 54
7.1
CVE-2026-0771CVE
Langflow PythonFunction Code Injection Remote Code Execution Vulnerability. This vulnerability …
2026-01-01
EPSS0.6%
pct 43
9.8
CVE-2026-7524CVE
IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validati…
2026-01-01Pre-auth
EPSS0.6%
pct 43
9.6
CVE-2026-42048ANC
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, …
2026-01-01
EPSS0.5%
pct 39
7.5
CVE-2026-33484CVE
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions 1.0.…
2026-01-01Pre-auth
EPSS0.5%
pct 36
8.8
CVE-2026-3357CVE
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute …
2026-01-01
EPSS0.5%
pct 36
8.8
CVE-2025-57760ANC
Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege esca…
2025-01-01
EPSS0.4%
pct 34
8.7
CVE-2026-34046ANC
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version…
2026-01-01
EPSS0.4%
pct 32
6.1
CVE-2026-33053CVE
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prio…
2026-01-01
EPSS0.4%
pct 30
7.1
CVE-2025-68478ANC
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version…
2025-01-01
EPSS0.3%
pct 25
6.5
CVE-2026-5025ANC
The '/logs' and '/logs-stream' endpoints in the log router allow any authenticated user to read…
2026-01-01
EPSS0.3%
pct 16
8.1
CVE-2026-7787CVE
IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensit…
2026-01-01
EPSS0.2%
pct 15
7.5
CVE-2026-7528CVE
IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resour…
2026-01-01Pre-auth
EPSS0.2%
pct 11
6.3
CVE-2026-5022ANC
The '/api/v1/files/images/{flow_id}/{file_name}' endpoint does not enforce any authentication o…
2026-01-01Pre-auth
EPSS0.2%
pct 10
8.1
CVE-2026-6542CVE
IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transacti…
2026-01-01
EPSS0.2%
pct 10
7.0
CVE-2026-5026ANC
The '/api/v1/files/images/{flow_id}/{file_name}' endpoint serves SVG files with the 'image/svg+…
2026-01-01
EPSS0.2%
pct 5
Select a vulnerability on the left to open the preview.