CISA Warns About Langflow Authorization Bypass Vulnerability Exploitation (CVE-2026-55255)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently acknowledged the active exploitation of the Langflow vulnerability. Tracked as CVE-2026-55255, the vulnerability may allow an authenticated attacker to execute another user’s flow by specifying the victim’s flow ID in the request. The vendor has given this vulnerability a critical severity rating with a CVSS score of 9.9.
CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog, urging users to patch it before July 10, 2026.
Langflow is an open-source, low-code platform that uses a visual, drag-and-drop interface to build, prototype, and deploy AI applications and workflows. It enables users to connect components like large language models (LLMs), vector databases, APIs, and custom logic into functional AI systems without extensive coding.
Vulnerability Details
This is an Insecure Direct Object Reference (IDOR) vulnerability in /api/v1/responses endpoint. The vulnerability exists in the get_flow_by_id_or_endpoint_name helper function in src/backend/base/langflow/helpers/flow.py. When a flow is accessed via UUID (flow_id), the function queries the database directly without verifying if the authenticated user owns that flow.
Successful exploitation of the vulnerability may allow an authenticated attacker to:
- Execute any flow in the system by knowing its flow ID.
- Access potentially sensitive data processed by the victim’s flows.
- Consume the victim’s resources.
Affected Versions
The vulnerability affects the Langflow versions before 1.9.1.
Mitigation
Users must upgrade to Langflow version 1.9.1 or later to patch the vulnerability.
For more information, please refer to the Langflow Security Advisory.
Qualys Detection
Qualys customers can scan their devices with QID 5014302 to detect vulnerable assets.
QID 5014302 is currently available via the SwCA capabilities for Container Security.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.
References
https://github.com/langflow-ai/langflow/security/advisories/GHSA-qrpv-q767-xqq2

Comments are closed.