LOW 3.5 PyPI
GHSA-355v-2rjx-fpx7 · CVE-2024-9277 Inefficient Regular Expression Complexity in langflow
수정: 2024. 10. 1.
package
PyPI / langflow
pkg:pypi/langflow
CRITICAL 9.8 PyPI
GHSA-3645-fxcv-hqr4 · CVE-2026-27966 Langflow has Remote Code Execution in CSV Agent
수정: 2026. 2. 28.
HIGH 8.8 PyPI
GHSA-4gv9-mp8m-592r · CVE-2025-57760 Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)
수정: 2025. 12. 18.
CRITICAL 9.8 PyPI
GHSA-56m6-4mhw-h3g5 · CVE-2024-42835, PYSEC-2024-279 langflow has vulnerability in PythonCodeTool component
수정: 2026. 5. 20.
HIGH 8.8 PyPI
GHSA-577h-p2hh-v4mv · CVE-2025-34291, PYSEC-2025-78 Langflow CORS misconfiguration enables Account Takeover and RCE
수정: 2026. 5. 29.
HIGH 7.7 PyPI
GHSA-5993-7p27-66g5 · CVE-2025-68477 Langflow vulnerable to Server-Side Request Forgery
수정: 2025. 12. 19.
LOW 2.7 PyPI
GHSA-5jjf-wcvf-923w · CVE-2026-6597 Langflow has an Information Leak through Incomplete API Key Redaction
수정: 2026. 5. 5.
CRITICAL 9.8 PyPI
GHSA-5p5r-57fx-pmfr · CVE-2024-48061 Langflow vulnerable to remote code execution
수정: 2024. 11. 7.
HIGH 7.5 PyPI
GHSA-7grx-3xcx-2xv5 · CVE-2026-33484, PYSEC-2026-80 langflow has Unauthenticated IDOR on Image Downloads
수정: 2026. 5. 20.
HIGH PyPI
GHSA-8c4j-f57c-35cf · CVE-2026-34046 Langflow: Authenticated Users Can Read, Modify, and Delete Any Flow via Missing Ownership Check
수정: 2026. 3. 27.
MEDIUM 4.3 PyPI
GHSA-9jpj-cph8-w449 · CVE-2026-6598 Langflow: Cleartext Storage of Authentication Settings in Project Creation Endpoint
수정: 2026. 5. 5.
CRITICAL 9.6 PyPI
GHSA-9whx-c884-c68q · CVE-2026-42048 Langflow Knowledge Bases API is Vulnerable to Path Traversal
수정: 2026. 5. 13.
HIGH PyPI
GHSA-c5cp-vx83-jhqx · CVE-2026-21445 Langflow Missing Authentication on Critical API Endpoints
수정: 2026. 2. 3.
HIGH 7.1 PyPI
GHSA-f43r-cc68-gpx4 · CVE-2025-68478, PYSEC-2025-125 External Control of File Name or Path in Langflow
수정: 2026. 5. 20.
HIGH PyPI
GHSA-g22f-v6f7-2hrh · CVE-2026-0770 Langflow affected by Remote Code Execution via validate_code() exec()
수정: 2026. 2. 22.
CRITICAL 9.9 PyPI
GHSA-g2j9-7rj2-gm6c · CVE-2026-33309, PYSEC-2026-79 Langflow has an Arbitrary File Write (RCE) via v2 API
수정: 2026. 5. 20.
HIGH PyPI
GHSA-ph9w-r52h-28p7 · CVE-2026-33497, PYSEC-2026-81 langflow: /profile_pictures/{folder_name}/{file_name} endpoint file reading
수정: 2026. 5. 20.
HIGH 8.8 PyPI
GHSA-qg33-x2c5-6p44 · CVE-2024-37014, PYSEC-2024-177 Langflow remote code execution vulnerability
수정: 2025. 1. 21.
HIGH PyPI
GHSA-rf6x-r45m-xv3w · CVE-2026-33053, PYSEC-2026-78 Langflow is Missing Ownership Verification in API Key Deletion (IDOR)
수정: 2026. 5. 20.
CRITICAL PyPI
GHSA-rvqx-wpfh-mfx7 · CVE-2025-3248, PYSEC-2025-36 Langflow Unauth RCE
수정: 2026. 4. 2.
MEDIUM 6.3 PyPI
GHSA-v66p-f7x3-4794 · CVE-2026-6599 Langflow vulnerable to injection
수정: 2026. 5. 5.
CRITICAL PyPI
GHSA-v8hw-mh8c-jxfc · CVE-2026-33873, PYSEC-2026-82 Langflow has Authenticated Code Execution in Agentic Assistant Validation
수정: 2026. 5. 20.
CRITICAL 9.8 PyPI
GHSA-vwmf-pq79-vjvx · CVE-2026-33017 Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint
수정: 2026. 4. 2.
CRITICAL 9.8 PyPI
PYSEC-2024-177 · CVE-2024-37014, GHSA-qg33-x2c5-6p44 수정: 2025. 1. 19.
CRITICAL 9.8 PyPI
PYSEC-2024-279 · CVE-2024-42835, GHSA-56m6-4mhw-h3g5 수정: 2026. 5. 21.
HIGH 7.1 PyPI
PYSEC-2025-125 · CVE-2025-68478, GHSA-f43r-cc68-gpx4 수정: 2026. 5. 20.
CRITICAL 9.8 PyPI
PYSEC-2025-36 · CVE-2025-3248, GHSA-rvqx-wpfh-mfx7 수정: 2025. 6. 17.
HIGH 8.8 PyPI
PYSEC-2025-78 · CVE-2025-34291, GHSA-577h-p2hh-v4mv 수정: 2026. 5. 21.
HIGH 8.8 PyPI
PYSEC-2026-78 · CVE-2026-33053, GHSA-rf6x-r45m-xv3w 수정: 2026. 5. 20.
CRITICAL 9.9 PyPI
PYSEC-2026-79 · CVE-2026-33309, GHSA-g2j9-7rj2-gm6c 수정: 2026. 5. 20.
HIGH 7.5 PyPI
PYSEC-2026-80 · CVE-2026-33484, GHSA-7grx-3xcx-2xv5 수정: 2026. 5. 20.
HIGH 7.5 PyPI
PYSEC-2026-81 · CVE-2026-33497, GHSA-ph9w-r52h-28p7 수정: 2026. 5. 20.
CRITICAL 9.9 PyPI
PYSEC-2026-82 · CVE-2026-33873, GHSA-v8hw-mh8c-jxfc 수정: 2026. 5. 20.