CRITICALVulnerability
Global

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

·Source: The Hacker News

Updated:

Executive Summary

Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerability in Langflow, indicating threat actors are scanning and targeting exposed artificial intelligence (AI)

Analysis

Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerability in Langflow, indicating threat actors are scanning and targeting exposed artificial intelligence (AI)

Indicators of Compromise (1)

CVE (1)
CVE-2026-33017
Source Attribution

Originally published by The Hacker News on Jun 30, 2026.

Related Threats