2026-07-04·LANGFLOW·devtool trust
high·down

A series of severe security vulnerabilities has been disclosed in Langflow, an open-source tool for building and deploying AI agents and workflows, as reported by multiple OSV advisories.

window 60d · evidence 21 · confidence score 100

confidence score

Strong evidence: 2 independent source classes support this read.

100 · high confidence · 2 independent source classes · other · passes publish gate

signal brief

A series of severe security vulnerabilities has been disclosed in Langflow, an open-source tool for building and deploying AI agents and workflows, as reported by multiple OSV advisories. Between June 16 and June 29, 2026, at least 10 distinct CVEs were published, covering remote code execution (RCE), path traversal, insecure direct object references (IDOR), unauthenticated DoS, arbitrary file read, and session management flaws.

What the sources said:

  • OSV advisory GHSA-v5ff-9q35-q26f (RCE in Shareable Playground): "The vulnerable field is data.nodes[X].data.node.template.code.value."
  • OSV advisory GHSA-rcjh-r59h-gq37 (file read via Shareable Playground): "The files path can be any path supported by the storage - local file or S3 path."
  • OSV advisory PYSEC-2026-224 (unauthenticated DoS and info leak): "unauthenticated users can upload any amount of data to the server without any limitations."
  • OSV advisory PYSEC-2026-242 (IDOR in Monitor API): "Any authenticated user can read, modify, rename, or permanently delete another user's data."

The vulnerabilities affect multiple versions, with fixes released in versions 1.7.0 through 1.10.0. The high number and severity of these flaws, including RCE and unauthenticated exploits, significantly undermine trust in Langflow as a secure platform for building AI workflows. This may lead to decreased adoption, migration to alternatives, and increased scrutiny from enterprise customers, impacting Langflow's position in the AI developer tool ecosystem.

Decision support, not stock advice. This signal is research with cited evidence — not a recommendation to buy, sell, or hold any security.