Description
Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of the exec_globals parameter provided to the validate endpoint. The issue results from the inclusion of a resource from an untrusted control sphere. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27325.
Published: 2026-01-23
Score: 9.8 Critical
EPSS: 11.9% Moderate
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A flaw in the handling of the exec_globals parameter provided to the validate endpoint lets an attacker supply code from an untrusted control sphere that the server then includes and runs (CWE-829). Because the endpoint is reachable without authentication, an unauthenticated remote attacker can execute arbitrary code, potentially as the root user when Langflow runs with that privilege.
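The bug class the Impact paragraph describes, shown as an added example that is not Langflow's code: a toy validate_code_vulnerable() that passes request-controlled source plus a request-controlled exec_globals mapping to exec(), beside a validate_code_hardened() that checks syntax with ast.parse and never executes anything. The function names, the request shape and the marker-file payload are constructed for illustration and do not reproduce Langflow's endpoint or any exploit for it.

```python
"""Constructed illustration of the bug class on this page: a code-validation
endpoint that passes caller-supplied source and a caller-supplied globals
mapping to exec(). This is NOT Langflow's code; the function names, request
shape and return values are assumptions made for the example."""
import ast
import builtins
import os
import tempfile


def validate_code_vulnerable(code: str, exec_globals: dict) -> dict:
    """Vulnerable pattern: 'validates' the snippet by executing it.

    Both arguments model fields of the request body, so whatever the caller
    sends runs with the server process's privileges before any 'validation'
    result is produced."""
    errors = []
    try:
        exec(compile(code, "<validate>", "exec"), exec_globals)
    except Exception as exc:  # toy: report the error instead of masking it
        errors.append(repr(exc))
    return {"valid": not errors, "errors": errors}


def validate_code_hardened(code: str) -> dict:
    """Hardened pattern: validation is purely syntactic.

    The source is parsed with ast.parse, which never evaluates it, and no
    globals mapping is accepted from the caller at all."""
    try:
        tree = ast.parse(code, filename="<validate>")
    except SyntaxError as exc:
        return {"valid": False,
                "errors": [f"{exc.msg} (line {exc.lineno})"],
                "defined": []}
    # Report what the snippet would define without evaluating any of it.
    defined = [node.name for node in tree.body
               if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef,
                                    ast.ClassDef))]
    return {"valid": True, "errors": [], "defined": defined}


def demo() -> dict:
    """Run both validators over the same constructed payload and report
    whether its side effect (writing a marker file) actually happened."""
    with tempfile.TemporaryDirectory() as tmp:
        marker = os.path.join(tmp, "marker.txt")
        # Constructed payload: valid Python whose top-level statement writes a
        # file, standing in for any command the request author chooses.
        payload = f"open({marker!r}, 'w').write('executed')\n"

        # The caller controls exec_globals here, as the request body does in
        # the vulnerable pattern; a full builtins namespace is what an
        # unrestricted exec() gives the snippet anyway.
        vulnerable = validate_code_vulnerable(payload,
                                              {"__builtins__": builtins})
        vulnerable_ran = os.path.exists(marker)
        if vulnerable_ran:
            os.remove(marker)

        hardened = validate_code_hardened(payload)
        hardened_ran = os.path.exists(marker)

    return {
        "vulnerable_result": vulnerable,
        "vulnerable_ran_payload": vulnerable_ran,
        "hardened_result": hardened,
        "hardened_ran_payload": hardened_ran,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point the toy makes is that the vulnerable validator reports the payload as "valid" only after it has already run, so the validation result is worthless as a security boundary; the hardened validator answers the same question (does this parse, what does it define) with the parser alone. Restricting the globals mapping the server passes to exec() is not a substitute for this: if the mapping itself comes from the request, the caller decides what is restricted.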

Affected Systems

Langflow version 1.4.2 is the only version enumerated in the CPE data attached to this record; no other versions are listed.

Risk and Exploitability

The vulnerability scores 9.8 on the CVSS v3.0 scale (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating a critical impact. Its EPSS score of 0.11859 (11.9%) puts the likelihood of exploitation in the moderate range, and the SSVC decision point in the record marks it as automatable with no exploitation observed at publication. The vulnerability is not currently recorded in the CISA KEV catalog. Attackers can exploit the flaw remotely by sending a specially crafted request to the validate endpoint, with no authentication required.

Generated by OpenCVE AI on April 18, 2026 at 15:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Langflow to the release the vendor identifies as fixing the exec_globals handling flaw as soon as one is published; at the time of this enrichment no vendor fix or workaround was listed.
  • Restrict network access to the Langflow service so that only trusted networks or hosts can reach the validate endpoint, and require authentication in front of it (for example at a reverse proxy), since the endpoint itself does not.
  • If an immediate upgrade is not possible, remove the validate endpoint from the public interface or deny it at the proxy so that unauthenticated calls cannot reach the exec_globals handling.


Tracking


Advisories
Source: GitHub GHSA
ID: GHSA-g22f-v6f7-2hrh
Title: Langflow affected by Remote Code Execution via validate_code() exec()
History

Wed, 18 Feb 2026 16:45:00 +0000

Type: CPEs
Values removed: (none)
Values added: cpe:2.3:a:langflow:langflow:1.4.2:-:*:*:*:*:*:*

Fri, 23 Jan 2026 17:15:00 +0000

Type: Metrics (ssvc)
Values removed: (none)
Values added: SSVC 2.0.3: Automatable = yes, Exploitation = none, Technical Impact = total


Fri, 23 Jan 2026 16:45:00 +0000

Type: First Time appeared
Values removed: (none)
Values added: Langflow; Langflow langflow
Type: Vendors & Products
Values removed: (none)
Values added: Langflow; Langflow langflow

Fri, 23 Jan 2026 04:00:00 +0000

Type: Description
Values added: Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the exec_globals parameter provided to the validate endpoint. The issue results from the inclusion of a resource from an untrusted control sphere. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27325.
Type: Title
Values added: Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability
Type: Weaknesses
Values added: CWE-829
Type: References
Values added: (none listed)
Type: Metrics (cvssV3_0)
Values added: CVSS v3.0 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)


MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-02-26T14:44:26.470Z

Reserved: 2026-01-08T22:50:23.294Z

Link: CVE-2026-0770

Vulnrichment

Updated: 2026-01-23T16:31:30.511Z

NVD

Status : Analyzed

Published: 2026-01-23T04:16:04.063

Modified: 2026-02-18T16:43:44.047

Link: CVE-2026-0770

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T15:30:03Z

Weaknesses