| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2026-33017 |
critical |
9.8 |
10.0 |
2mo ago |
Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication. |
|
| CVE-2026-42048 |
critical |
9.6 |
9.6 |
15d ago |
Langflow Knowledge Bases API is Vulnerable to Path Traversal |
|
| CVE-2026-6599 |
medium |
6.3 |
6.3 |
1mo ago |
Langflow vulnerable to injection |
|
| CVE-2026-6598 |
medium |
4.3 |
4.3 |
1mo ago |
Langflow: Cleartext Storage of Authentication Settings in Project Creation Endpoint |
|