2026-06-28 · LANGFLOW · security risk
high · down


window 30d · evidence 17

signal brief

Langflow, an open-source tool for building AI agents, was hit by a wave of critical security vulnerability disclosures in June 2026. Between June 16 and 19, the Open Source Vulnerability (OSV) database published 10 advisories covering:

- Path traversal (CVE-2026-42867, GHSA-79ph-745m-6wxq)
- Session management flaws (CVE-2026-55423, GHSA-7hw8-6q6r-4276)
- IDOR/BOLA vulnerabilities affecting multiple endpoints (CVE-2026-33760, GHSA-9c59-2mvc-vfr8; CVE-2026-55255, GHSA-qrpv-q767-xqq2)
- Arbitrary file read with RCE potential (CVE-2026-55447, GHSA-ccv6-r384-xp75)
- Unauthenticated DoS via boundary upload (CVE-2026-55446, GHSA-qwqc-p3q8-wcg9)
- Arbitrary file read in shareable playgrounds (CVE-2026-48520, GHSA-rcjh-r59h-gq37)
- Unauthenticated RCE in shareable playgrounds (CVE-2026-48519, GHSA-v5ff-9q35-q26f)
- Unauthenticated file upload leading to DoS and information leak (CVE-2026-55450, GHSA-x223-p2gf-v735)

Subsequent PyPI entries (PYSEC-2026-221 to 224 and 242 to 244) confirmed that these issues affect versions prior to 1.9.0–1.10.0. The breadth and severity, ranging from IDOR and arbitrary file read to unauthenticated RCE, point to systemic security weaknesses. A dev release (1.11.0.dev24) on June 28 suggests fixes are ongoing, but the disclosure wave erodes developer trust and exposes users of unpatched deployments to significant risk. This may slow adoption and prompt migration to more secure alternatives, weakening Langflow's position in the AI infrastructure ecosystem.
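The brief states that the issues affect versions prior to 1.9.0–1.10.0 and that a dev release (1.11.0.dev24) is in flight. The practical question for a defender is whether a given deployment's installed version predates the fix for each advisory, including the case where the installed build is a dev release, which PEP 440 orders before the final release it precedes. The following is an added example, written for this brief and not code from the Langflow project; the CVE identifiers are taken from the text above, but the fixed versions attached to them are placeholders and must be read from each advisory itself. It uses only the Python standard library.

```python
"""Check whether an installed Langflow version is still inside a vulnerable range.

Added example for this brief; not Langflow project code. Fixed versions below
are placeholders, not values taken from the advisories.
"""
import re
from typing import Dict, List, Tuple

# Accepts "X.Y.Z" and "X.Y.Z.devN" (the two forms the brief mentions).
# Pre-release suffixes such as a/b/rc are deliberately rejected so that an
# unexpected version string is surfaced instead of silently mis-ordered.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:\.dev(\d+))?$")


def parse_version(text: str) -> Tuple[int, int, int, int, int]:
    """Turn a version string into a tuple that sorts per PEP 440 ordering.

    The fourth element ranks final releases (1) above dev releases (0) at the
    same X.Y.Z, so 1.11.0.dev24 < 1.11.0 while 1.11.0.dev24 > 1.10.0.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unsupported version string: {text!r}")
    major, minor, patch, dev = m.groups()
    if dev is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(dev))


def is_affected(installed: str, fixed_in: str) -> bool:
    """True when the installed version is older than the version carrying the fix."""
    return parse_version(installed) < parse_version(fixed_in)


# Constructed advisory table: identifiers come from the brief, fixed versions
# are PLACEHOLDERS chosen to illustrate the 1.9.0 / 1.10.0 boundary.
SAMPLE_ADVISORIES: Dict[str, str] = {
    "CVE-2026-42867": "1.9.0",   # placeholder fixed version
    "CVE-2026-55447": "1.10.0",  # placeholder fixed version
}


def open_advisories(installed: str,
                    advisories: Dict[str, str] = SAMPLE_ADVISORIES) -> List[str]:
    """Return the advisories whose fix is absent from the installed version."""
    return sorted(cve for cve, fixed in advisories.items()
                  if is_affected(installed, fixed))


if __name__ == "__main__":
    for version in ("1.8.5", "1.9.0", "1.10.0", "1.11.0.dev24"):
        print(version, "->", open_advisories(version) or "no open advisories")
```

Run it against the version reported by your own deployment's `pip show langflow` output (or whatever inventory source you trust) and replace the placeholder fixed versions with the ones listed in each OSV or PyPI advisory; the dev-release ordering is the part most version checks get wrong.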

evidence

Decision support, not stock advice. This signal is research with cited evidence — not a recommendation to buy, sell, or hold any security.