HIGHVulnerability
Verified
Global
CISA KEV: Langflow Langflow — Langflow Code Injection Vulnerability
·Source: CISA KEV
Updated:
Executive Summary
Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication.
Analysis
Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication. Added to CISA Known Exploited Vulnerabilities catalog on 2026-03-25. Remediation due: 2026-04-08.