Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with RCE access can invoke the internal CLI command langflow superuser to create a new administrative user. This results in full superuser access, even if the user initially registered through the UI as a regular (non-admin) account. A patched version has not been made public at this time.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 03 Sep 2025 14:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev0:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev10:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev11:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev12:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev13:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev14:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev15:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev16:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev17:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev18:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev19:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev1:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev20:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev21:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev22:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev23:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev24:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev25:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev26:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev27:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev28:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev29:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev2:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev30:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev31:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev3:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev4:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev5:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev6:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev7:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev8:*:*:*:*:*:*
cpe:2.3:a:langflow:langflow:1.5.0:dev9:*:*:*:*:*:*

Tue, 26 Aug 2025 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Langflow
Langflow langflow
Vendors & Products Langflow
Langflow langflow

Mon, 25 Aug 2025 21:45:00 +0000

Type Values Removed Values Added
Description Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with RCE access can invoke the internal CLI command langflow superuser to create a new administrative user. This results in full superuser access, even if the user initially registered through the UI as a regular (non-admin) account. A patched version has not been made public at this time.
Title Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation
Weaknesses CWE-269
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2025-08-25T20:34:14.809Z

Reserved: 2025-08-19T15:16:22.917Z

Link: CVE-2025-57760

cve-icon Vulnrichment

Updated: 2025-08-25T20:34:09.473Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-25T17:15:30.140

Modified: 2025-09-03T13:56:12.533

Link: CVE-2025-57760

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-26T08:54:53Z