
Langflow Vulnerability - CISA Adds Critical Flaw Alert

In short: a flaw in Langflow lets attackers run arbitrary code on the server without authenticating.

Quick Summary

CISA has identified a critical flaw in Langflow, enabling remote code execution without authentication. This affects many organizations using the tool. Immediate updates are necessary to mitigate risks and protect systems.

The Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in Langflow to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, tracked as CVE-2026-33017, carries a CVSS score of 9.3. Langflow is a widely used tool for building agentic AI workflows, so the vulnerability is relevant to a large number of organizations.

CVE-2026-33017 allows attackers to execute arbitrary code without authentication. The root cause is a public build endpoint that accepts user-supplied flow data containing Python code; that code is passed to exec() without any sandboxing, so a single request can lead to full compromise of the host.

What's at Risk

The vulnerability is present in Langflow versions prior to v1.9.0. The affected endpoint is /api/v1/build_public_tmp/{flow_id}/flow, which builds public flows without requiring authentication. An attacker can supply flow data that includes Python code, which the server then runs unchecked.

This flaw is distinct from an earlier Langflow vulnerability, CVE-2025-3248, which was fixed by adding authentication to a different endpoint. The current flaw remains a significant risk because the public build endpoint still accepts unauthenticated requests that result in code execution.

Patch Status

CISA has mandated that federal agencies address this vulnerability by April 8, 2026, under Binding Operational Directive (BOD) 22-01, which requires agencies to remediate vulnerabilities listed in the KEV catalog. Organizations are urged to review the KEV catalog and take the necessary actions to protect their infrastructure.

Experts recommend that private organizations also prioritize reviewing and addressing this vulnerability. The potential for remote code execution could lead to severe consequences, including data breaches and system compromises.

Immediate Actions

Organizations using Langflow should take immediate steps to mitigate this vulnerability. Here are some recommended actions:

  • Update Langflow: Ensure that you are running version 1.9.0 or later, the first release that closes this flaw.
  • Review Access Controls: Restrict network access to Langflow instances, in particular to the public build endpoint, so that unauthenticated requests cannot reach them.
  • Monitor for Exploits: Watch network traffic and web server logs for requests to /api/v1/build_public_tmp/{flow_id}/flow, which can indicate exploitation attempts.

By taking these proactive measures, organizations can significantly reduce their risk of falling victim to this critical vulnerability in Langflow.
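The following script is an added example (not Langflow project code and not from the original article) that turns the two checkable actions above into something a defender can run: it compares an installed version string against the v1.9.0 fix threshold named in the advisory, and it scans web server access logs for requests to the /api/v1/build_public_tmp/{flow_id}/flow endpoint. It assumes a reverse proxy in front of Langflow writes logs in the common "combined" format; the log lines, flow id and IP addresses below are constructed for the demonstration.

```python
"""Defender-side checks for the Langflow public build endpoint (CVE-2026-33017).

Added example, not Langflow project code. Assumes (hypothetically) that the
Langflow instance sits behind a reverse proxy writing Apache/nginx "combined"
access logs. The sample log lines at the bottom are constructed.
"""
import re
from collections import Counter
from typing import Dict, List, Optional, Tuple

FIXED_VERSION = "1.9.0"  # from the advisory: versions prior to v1.9.0 are affected

# Endpoint path named in the advisory; {flow_id} is any single path segment.
VULN_ENDPOINT = re.compile(r"^/api/v1/build_public_tmp/[^/?#]+/flow(?:[?#].*)?$")

# Combined log format: ip ident user [time] "METHOD path PROTO" status bytes "ref" "ua"
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '1.9.0' or 'v1.8.2' into a comparable tuple of ints (padded to 3 parts)."""
    v = v.strip().lstrip("v")
    m = re.match(r"(\d+(?:\.\d+)*)", v)
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))


def is_affected(installed: str) -> bool:
    """True when the installed Langflow is older than the fixed release."""
    return parse_version(installed) < parse_version(FIXED_VERSION)


def parse_log_line(line: str) -> Optional[Dict[str, str]]:
    """Parse one combined-format access log line; None if it does not parse."""
    m = LOG_LINE.match(line)
    return m.groupdict() if m else None


def find_public_build_requests(lines: List[str]) -> List[Dict[str, str]]:
    """Return every parsed request that hit the unauthenticated public build endpoint."""
    hits = []
    for line in lines:
        rec = parse_log_line(line)
        if rec and VULN_ENDPOINT.match(rec["path"]):
            hits.append(rec)
    return hits


def summarize_by_source(hits: List[Dict[str, str]]) -> Dict[str, int]:
    """Count endpoint hits per client IP so bursts from one source stand out for triage."""
    return dict(Counter(h["ip"] for h in hits))


# Constructed sample log lines; the flow id and addresses are made up.
SAMPLE_LOG = [
    '10.0.0.5 - - [03/Mar/2026:10:01:02 +0000] "GET /api/v1/flows/ HTTP/1.1" 200 512 "-" "curl/8.4"',
    '203.0.113.7 - - [03/Mar/2026:10:01:09 +0000] "POST /api/v1/build_public_tmp/0f3c-test/flow HTTP/1.1" 200 88 "-" "python-requests/2.31"',
    '203.0.113.7 - - [03/Mar/2026:10:01:11 +0000] "POST /api/v1/build_public_tmp/0f3c-test/flow HTTP/1.1" 500 42 "-" "python-requests/2.31"',
    '10.0.0.8 - - [03/Mar/2026:10:02:30 +0000] "GET /api/v1/build_public_tmp/ HTTP/1.1" 404 0 "-" "Mozilla/5.0"',
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for ver in ("1.8.3", "1.9.0", "v1.10.1"):
        print(ver, "affected" if is_affected(ver) else "patched")
    hits = find_public_build_requests(SAMPLE_LOG)
    for ip, n in summarize_by_source(hits).items():
        print(f"{ip}: {n} request(s) to the public build endpoint")
```

Any hit on this endpoint from a patched instance is harmless, so the version check comes first; on an unpatched instance, each hit deserves triage regardless of the HTTP status, since a 500 can mean the submitted code ran and failed just as easily as a rejected request.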

Pro insight: Organizations must prioritize patching CVE-2026-33017 to prevent exploitation and system compromise, especially in AI workflow environments.

Original article from

Security Affairs · Pierluigi Paganini
