packages
npm / PyPI / Rust / Java / Ruby / PHP + OSV4 events on 2026-06-19role: thematic7d historyaccess: keyless
Keeps: package, version, advisory
Aliases: CVE-2026-55447 Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit
LANGFLOWosv:pypi:langflowAliases: CVE-2026-55446, PYSEC-2026-223 Langflow: Unauthenticated DoS through multipart form boundary file upload
LANGFLOWosv:pypi:langflowAliases: CVE-2026-55423, PYSEC-2026-222 Langflow: Logout button does not clear session
LANGFLOWosv:pypi:langflowAliases: CVE-2026-55255, PYSEC-2026-221 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow
LANGFLOWosv:pypi:langflow