CVE-2026-3346 | Valters IT Hub

CVE Alert: CVE-2026-6543 - IBM - Langflow Desktop - RedPacket Security

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This

CVE Alert: CVE-2026-4503 - IBM - Langflow Desktop - RedPacket Security

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through

CVE Alert: CVE-2026-6596 - langflow-ai - langflow - RedPacket Security

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file

CVE Alert: CVE-2026-3357 - IBM - Langflow Desktop - RedPacket Security

IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents.

CVE Alert: CVE-2026-33017 - langflow-ai - langflow - RedPacket Security

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow

CVE Alert: CVE-2026-33053 - langflow-ai - langflow - RedPacket Security

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the delete_api_key_route() endpoint accepts an