CVE Alert: CVE-2026-6596 - langflow-ai - langflow - RedPacket Security

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file

RedPacket Security
🛡️ CVE-2026-6597 (CVSS 5.1, MEDIUM): langflow-ai langflow v1.8.0 – 1.8.3 stores credentials without protection in Flow Using API. Public exploit available. Restrict access & rotate credentials until patched. https://radar.offseq.com/threat/cve-2026-6597-unprotected-storage-of-credentials-i-fc1cbce7 #OffSeq #Vulnerability #Langflow
CVE Alert: CVE-2026-3357 - IBM - Langflow Desktop - RedPacket Security

IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default

RedPacket Security
CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents.

BleepingComputer
CVE Alert: CVE-2026-33017 - langflow-ai - langflow - RedPacket Security

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow

RedPacket Security
CVE Alert: CVE-2026-33053 - langflow-ai - langflow - RedPacket Security

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the delete_api_key_route() endpoint accepts an

RedPacket Security

20 hours - and the attack against the vulnerability is underway - even without a PoC! Cybercriminals are getting ever faster, and better too.
More: https://digiprax.maniabel.work/archiv/356

#infosec #langflow #exploit #up2date

⚠️ CRITICAL: Langflow RCE flaw is being actively exploited! Unauthenticated attackers can execute code via public flows. No patch or version info yet. Disable public flows, restrict access, monitor logs. Immediate action required! https://radar.offseq.com/threat/critical-langflow-vulnerability-exploited-hours-af-bdeb0c89 #OffSeq #Langflow #RCE #Infosec

Python Trending (@pythontrending)

openrag - OpenRAG is a comprehensive RAG (retrieval-augmented generation) platform in a single package, built on Langflow, Docling, and Opensearch. It is an open-source solution that aims to simplify RAG workflows with an integrated stack.

https://x.com/pythontrending/status/2031690992428990754

#openrag #rag #langflow #opensearch

Python Trending 🇺🇦 (@pythontrending) on X

openrag - OpenRAG is a comprehensive, single package Retrieval-Augmented Generation platform built on Langflow, Docling, and Opensearch. https://t.co/GMUL9qGKwd

X (formerly Twitter)
🚨 CVE-2026-27966 (CRITICAL): langflow-ai langflow (<1.8.0) allows unauthenticated RCE via prompt injection due to hardcoded allow_dangerous_code=True. Patch to 1.8.0+ now! https://radar.offseq.com/threat/cve-2026-27966-cwe-94-improper-control-of-generati-8ac7c0b0 #OffSeq #Vulnerability #Langflow #RCE