Scmagazine
Critical Langflow RCE Vulnerability Exploited Within 20 Hours
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A critical vulnerability in Langflow, tracked as CVE-2026-33017, allows unauthenticated remote code execution (RCE) via the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint. This flaw was exploited within 20 hours of its disclosure on March 20, 2026, with the first successful data exfiltration occurring shortly after 25 hours. Attackers can send crafted HTTP requests containing arbitrary Python code that executes server-side without sandboxing. The vulnerability affects users of Langflow, a popular open-source framework for building AI workflows, which has over 145,000 stars on GitHub. Sysdig reported that attackers are leveraging this vulnerability to pivot into connected AI pipelines, potentially harvesting sensitive API keys and database credentials. The CVSS score for this vulnerability is 9.3, indicating its critical nature. The issue was patched in version 1.9.0 of Langflow. No public exploits were reported prior to the vulnerability's disclosure, but exploitation attempts were quickly observed. Organizations using Langflow are at risk of significant data loss and system compromise.
Key Points: • CVE-2026-33017 allows unauthenticated RCE in Langflow, affecting public flow builds. • Exploitation attempts were detected within 20 hours of the vulnerability's disclosure. • The vulnerability has a CVSS score of 9.3, indicating a critical threat level.