Critical CVE-2025-34291 in Langflow AI Agent Under Active Exploitation

Critical CVE-2025-34291 in Langflow AI Agent Under Active Exploitation

First seen 30 May 2026, 15:50 UTC Csa.SgIntegsecwww.sysdig.comInfosecurity-MagazineThehackernews+35 84% similarity 78.0

Article Content

Browse articles
ThreatCluster

CVE-2025-34291 is a critical vulnerability affecting Langflow, an open-source AI agent platform, allowing attackers to take over accounts and execute arbitrary code. Disclosed on December 5, 2025, this vulnerability has a CVSS v4.0 score of 9.4, indicating severe risk. It affects versions 1.6.9 and earlier, particularly impacting organizations handling sensitive data. Attackers exploit this vulnerability through an overly permissive CORS configuration combined with misconfigured authentication cookies. As of May 21, 2026, it has been added to CISA's Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Organizations using Langflow are urged to update to the latest version immediately to mitigate risks.

Key Points: • CVE-2025-34291 allows account takeover and arbitrary code execution in Langflow. • The vulnerability affects Langflow versions 1.6.9 and earlier, posing a severe risk to organizations. • Active exploitation has been confirmed, with urgent updates recommended for affected users.

ThreatCluster AI

Timeline

2025-10-23
CVE-2025-34291 officially recorded
The vulnerability was assigned a CVE ID, marking the start of its tracking.
Integsec
2025-12-05
CVE-2025-34291 disclosed
Langflow's critical vulnerability was publicly disclosed by Obsidian Security.
Integsec
2026-05-18
First public PoC released
A proof-of-concept for CVE-2025-34291 was made publicly available, indicating potential exploitation methods.
Integsec
2026-05-21
Added to CISA KEV catalog
CVE-2025-34291 was included in CISA's Known Exploited Vulnerabilities list, confirming active exploitation.
Integsec
2026-05-29
Urgent update advisory issued
Users of Langflow were advised to update immediately due to active exploitation of the vulnerability.
Csa.Sg

Community

Browse all →