Tag: langflow

2 articles

Blurred laptop screen and server rack in a brightly-lit workstation setting.

Attackers Exploit Langflow Path Traversal Flaw in Active Attacks

A single, unauthenticated request is all it takes to exploit a high-severity flaw in Langflow, a popular AI development platform, allowing attackers to write arbitrary files to its filesystem. This is made possible by a path traversal vulnerability, CVE-2026-5027, which can be easily triggered due to Langflow's default unauthenticated auto-login feature.

Analyst 207Jun 10, 2026

Rows of equipment racks and monitoring stations in a server room with an empty workstation.

CISA Flags Actively Exploited Langflow, Trend Micro Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on two major vulnerabilities, CVE-2025-34291 and CVE-2026-34926, currently being exploited by hackers, and is requiring federal agencies to patch them by June 4, 2026. These weaknesses, found in Langflow and Trend Micro Apex One, could allow attackers to take control of systems and execute malicious code.

Analyst 207May 22, 2026