python · langflowCritical
Langflow Shareable Playground allows unauthenticated remote code execution
The Shareable Playground feature in Langflow allows unauthenticated users to execute arbitrary Python code via the `/api/v1/build_public_tmp` route by manipulating the `data.
What changed
The Shareable Playground feature in Langflow allows unauthenticated users to execute arbitrary Python code via the `/api/v1/build_public_tmp` route by manipulating the `data.nodes[X].data.node.template.code.value` field in the JSON payload.
Who it affects
Any Langflow deployment that has enabled the Shareable Playground (Public Flows) feature.
What to do today
Disable the Shareable Playground feature immediately or restrict access to the `/api/v1/build_public_tmp` endpoint until a patch is applied.
The trail
Collected→
Audited→
Written→
Published