CVE-2026-6596

Description

Langflow: DoS Through Lack of File Size Restriction via Deprecated Unauthenticated File Upload API

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://gist.github.com/chenhouser2025/c2aabfdee41009cfe45d28a9924742a0
• https://vuldb.com/submit/791919
• https://vuldb.com/vuln/358231
• https://vuldb.com/vuln/358231/cti
• https://nvd.nist.gov/vuln/detail/CVE-2026-6596
• https://github.com/langflow-ai/langflow/commit/b5662446bc8c54d928e278d3d26ad95b62425815

CWEs

CWE-284 CWE-434