HIGH 8.8 PyPI
GHSA-4gv9-mp8m-592r · CVE-2025-57760 Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)
Modified: 12/18/2025
package
PyPI / langflow-base
pkg:pypi/langflow-base
HIGH PyPI
GHSA-8c4j-f57c-35cf · CVE-2026-34046 Langflow: Authenticated Users Can Read, Modify, and Delete Any Flow via Missing Ownership Check
Modified: 3/27/2026
HIGH PyPI
GHSA-c5cp-vx83-jhqx · CVE-2026-21445 Langflow Missing Authentication on Critical API Endpoints
Modified: 2/3/2026
CRITICAL PyPI
GHSA-rvqx-wpfh-mfx7 · CVE-2025-3248, PYSEC-2025-36 Langflow Unauth RCE
Modified: 4/2/2026
HIGH 7.3 PyPI
GHSA-vvfc-fp59-m92g · CVE-2026-6596 Langflow: DoS Through Lack of File Size Restriction via Deprecated Unauthenticated File Upload API
Modified: 5/5/2026