High-Severity Vulnerability in Langflow AI Development Platform Actively Exploited; Immediate Updates Recommended

316/69 Friday, June 12, 2026

Reports indicate that threat actors have begun exploiting a vulnerability in Langflow, a popular open-source drag-and-drop platform used for developing AI applications, AI agents, and Retrieval-Augmented Generation (RAG) systems. The vulnerability, tracked as CVE-2026-5027, allows attackers to write arbitrary files directly to servers running the platform. This poses a significant risk to developers and organizations worldwide, particularly those exposing Langflow instances to the public internet.

Technical analysis conducted by Tenable and VulnCheck revealed that the flaw resides in the file upload functionality of the POST /api/v2/files endpoint. The application fails to properly validate and sanitize user-supplied filenames, enabling attackers to perform a Path Traversal attack by inserting directory traversal sequences such as ../ to write files to arbitrary locations on the underlying operating system. The risk is amplified by Langflow’s default configuration, which often enables unauthenticated auto-login, allowing attackers to obtain a valid session token with a single request before launching further attacks. According to internet-wide scans conducted by Censys, approximately 7,000 publicly accessible Langflow instances have been identified. Researchers also noted that this campaign follows previous exploitation attempts targeting Langflow vulnerabilities, including earlier issues reportedly linked to the MuddyWater threat group.
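The defect described above is a filename that is joined onto the upload directory without being confined to it. The following Python snippet is an added illustration, not Langflow's code: it places the insecure join beside a hardened variant that reduces the client-supplied name to a single path component and then verifies that the resolved target still lies inside the upload root. The upload directory path and the sample filenames are constructed for the example.

```python
import os
from pathlib import Path

# Constructed example: the only directory the upload handler may write into.
UPLOAD_ROOT = Path("/srv/langflow/uploads")


def vulnerable_target_path(upload_root: Path, filename: str) -> Path:
    """The insecure pattern: trust the client-supplied name and join it onto
    the upload directory. A name containing '../' components, or an absolute
    name, escapes the directory; this is the defect class in the advisory."""
    return upload_root / filename


def is_contained(upload_root: Path, candidate: Path) -> bool:
    """True when the normalised candidate is the root or a descendant of it."""
    root = upload_root.resolve()
    target = candidate.resolve()
    return target == root or root in target.parents


def safe_target_path(upload_root: Path, filename: str) -> Path:
    """Hardened variant: reject anything that is not a plain file name, then
    re-check containment after normalisation as a second line of defence."""
    if not filename or "\x00" in filename:
        raise ValueError("empty filename or embedded NUL")
    # Reject directory separators of either flavour outright rather than
    # silently stripping them; a client should never send a path here.
    if "/" in filename or "\\" in filename:
        raise ValueError("filename must not contain path separators")
    base = os.path.basename(filename)
    if base in ("", ".", ".."):
        raise ValueError("filename must name a file")
    target = upload_root / base
    # Belt and braces: even a plain component must resolve inside the root.
    if not is_contained(upload_root, target):
        raise ValueError("target escapes the upload directory")
    return target.resolve()


if __name__ == "__main__":
    for name in ("report.json", "../../escaped.txt", "/escaped.txt"):
        leaked = not is_contained(UPLOAD_ROOT, vulnerable_target_path(UPLOAD_ROOT, name))
        try:
            safe_target_path(UPLOAD_ROOT, name)
            hardened = "accepted"
        except ValueError as exc:
            hardened = f"rejected ({exc})"
        print(f"{name!r}: insecure join escapes root={leaked}; hardened: {hardened}")
```

The containment test uses `Path.resolve()` so that `..` components and symlinks are normalised before the comparison; checking the raw string for `../` alone misses absolute names and encoded or platform-specific separators, which is why the hardened version both rejects separators and re-checks the resolved result.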

To mitigate the risk, system administrators and development teams should immediately review the versions of Langflow deployed in their environments. Organizations are strongly encouraged to upgrade to Langflow version 1.10.0, or at minimum version 1.9.0, and ensure that the langflow-base package is updated to version 0.8.3 or later, where the vulnerability has been addressed. In addition, administrators should disable the auto-login feature and restrict access to Langflow servers from the public internet. Access should be limited to internal networks or secured VPN connections whenever possible. These measures will help prevent unauthorized access to vulnerable endpoints and reduce the likelihood of compromise from external attackers.
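As an added example of the review step above (not code from the advisory or from the Langflow project), the following Python function compares deployed Langflow and langflow-base versions against the fixed versions named in the text and flags whether auto-login is still enabled. It assumes the versions are supplied as strings (for instance from `pip show langflow`) and reads the `LANGFLOW_AUTO_LOGIN` environment variable, which is Langflow's documented setting for that feature; confirm the variable name against the documentation for your release. The sample inputs at the bottom are constructed.

```python
import os
import re

# Minimum fixed versions stated in the advisory.
MIN_LANGFLOW = (1, 9, 0)
MIN_LANGFLOW_BASE = (0, 8, 3)


def parse_version(text: str) -> tuple:
    """Turn '1.9.0' or 'v1.10.0' into an integer tuple so that 1.10.0 sorts
    after 1.9.0 (a plain string comparison gets this wrong). Anything that is
    not a bare X.Y.Z release, such as a pre-release tag, is rejected so that it
    is never mistaken for a fixed build."""
    m = re.fullmatch(r"\s*v?(\d+)\.(\d+)\.(\d+)\s*", text)
    if not m:
        raise ValueError(f"unrecognised release version: {text!r}")
    return tuple(int(part) for part in m.groups())


def auto_login_enabled(env) -> bool:
    """Per the advisory, the default configuration enables auto-login, so an
    unset variable is treated as enabled (assumption about the default)."""
    value = env.get("LANGFLOW_AUTO_LOGIN")
    if value is None:
        return True
    return value.strip().lower() in ("1", "true", "yes", "on")


def assess(langflow_version: str, base_version: str, env=None) -> list:
    """Return a list of findings; an empty list means the checks all passed."""
    env = os.environ if env is None else env
    findings = []
    if parse_version(langflow_version) < MIN_LANGFLOW:
        findings.append(f"langflow {langflow_version} is below the fixed release 1.9.0")
    if parse_version(base_version) < MIN_LANGFLOW_BASE:
        findings.append(f"langflow-base {base_version} is below the fixed release 0.8.3")
    if auto_login_enabled(env):
        findings.append("auto-login is enabled; set LANGFLOW_AUTO_LOGIN=false")
    return findings


if __name__ == "__main__":
    # Constructed sample: an unpatched host with the default login setting.
    for line in assess("1.8.0", "0.8.2", {}) or ["no findings"]:
        print(line)
```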

Source: https://www.securityweek.com/splunk-palo-alto-networks-patch-severe-vulnerabilities/