pip CVE Archive

langflow CVE Vulnerabilities

All known CVEs affecting langflow. Kodem’s runtime-powered SCA reveals which are actually reachable in your application.

Known vulnerabilities
| CVE | Summary | Severity |
| --- | --- | --- |
| CVE-2026-55447 | Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit | Critical |
| CVE-2026-55446 | Langflow: Unauthenticated DoS through multipart form boundary file upload | High |
| CVE-2026-55423 | Langflow: Logout button does not clear session | Medium |
| CVE-2026-55255 | Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows… | Critical |
| CVE-2026-55450 | Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and… | Critical |
| CVE-2026-48520 | Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read | Medium |
| CVE-2026-48519 | Langflow: Unauthenticated RCE in Shareable Playgrounds | Critical |
| CVE-2026-42867 | Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint | Medium |
| CVE-2026-33760 | Langflow: IDOR/BOLA in Monitor API — Missing Ownership Enforcement on 7… | High |
| CVE-2026-42048 | Langflow Knowledge Bases API is Vulnerable to Path Traversal | Critical |
| CVE-2026-33484 | langflow has Unauthenticated IDOR on Image Downloads | High |
| CVE-2026-33309 | Langflow has an Arbitrary File Write (RCE) via v2 API | Critical |
| CVE-2026-33017 | Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint | Critical |
| CVE-2026-27966 | Langflow has Remote Code Execution in CSV Agent | Critical |
| CVE-2025-68478 | External Control of File Name or Path in Langflow | High |
| CVE-2025-68477 | Langflow vulnerable to Server-Side Request Forgery | High |
| CVE-2025-34291 | Langflow CORS misconfiguration enables Account Takeover and RCE | Critical |
| CVE-2025-57760 | Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation… | High |
| CVE-2024-48061 | Langflow vulnerable to remote code execution | Medium |
| CVE-2024-42835 | langflow has vulnerability in PythonCodeTool component | High |
| CVE-2024-9277 | Inefficient Regular Expression Complexity in langflow | Medium |
| CVE-2024-37014 | Langflow remote code execution vulnerability | High |

Prioritize langflow vulnerabilities

Kodem Kai can identify which of these CVEs are reachable in your dependency tree and generate targeted fix recommendations.
