Between June 16-19, 2026, multiple CVEs were disclosed for Langflow, a tool for building AI agents and workflows.
signal brief
Between June 16 and 19, 2026, multiple CVEs were disclosed for Langflow, a tool for building AI agents and workflows. The advisories, published on OSV.dev, include: CVE-2026-42867 (path traversal in the Knowledge Bases API), CVE-2026-55423 (logout not clearing the session), CVE-2026-33760 (IDOR/BOLA on the Monitor API across 7 endpoints), CVE-2026-55447 (arbitrary file read with RCE via BaseFileComponent), CVE-2026-55255 (IDOR in /api/v1/responses allowing access to another user's flow), CVE-2026-55446 (unauthenticated DoS via a multipart form boundary), CVE-2026-48520 (unauthenticated arbitrary file read in Shareable Playgrounds), CVE-2026-48519 (unauthenticated RCE in Shareable Playgrounds), and CVE-2026-55450 (unauthenticated file upload leading to DoS and information leak). These vulnerabilities range from information disclosure to remote code execution and, depending on the advisory, affect versions prior to 1.9.2, 1.7.0, or 1.0.19. The rapid release of patches (1.9.2, 1.10.1, etc.) indicates active development, but the number and severity of the vulnerabilities undermine confidence in Langflow's security posture. Developer trust, a key asset for open-source devtools, is likely damaged, which could slow adoption among security-conscious organizations. Source 13, Source 14, Source 15, Source 16, Source 17, Source 18, Source 19, Source 20, Source 21
Decision support, not stock advice. This signal is research with cited evidence — not a recommendation to buy, sell, or hold any security.