langflow
python · langflowHeads-up
Langflow Path Traversal in Knowledge Bases API
Langflow is vulnerable to Path Traversal in the Knowledge Bases API (POST /api/v1/knowledge_bases).
17 Jun 2026 · schedule it
python · langflowHeads-up
Langflow Shareable Playground Arbitrary File Read Vulnerability
A security advisory for Langflow's Shareable Playground feature reveals an arbitrary file-read vulnerability.
17 Jun 2026 · schedule it
python · langflowCritical
Langflow /api/v1/monitor missing ownership checks on 7 endpoints
Langflow's /api/v1/monitor router exposes 7 endpoints that lack ownership checks, allowing any authenticated user to read, modify,
17 Jun 2026 · act now
python · langflowCritical
Langflow Shareable Playground allows unauthenticated remote code execution
The Shareable Playground feature in Langflow allows unauthenticated users to execute arbitrary Python code via the `/api/v1/build_
17 Jun 2026 · act now