Description
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal data and system operations that should require proper authorization. Version 1.7.0.dev45 contains a patch.
Published: 2026-01-02
Score: 8.8 High
EPSS: 7.0% Low
KEV: No
Impact: Unauthorized Access and Destructive Operations
Action: Immediate Patch
AI Analysis

Impact

Langflow, an AI-workflow application, has multiple critical API endpoints that lack authentication. The flaw allows attackers who are not logged in to read sensitive conversation data, view transaction histories, and execute destructive actions such as deleting messages. This can lead to major confidentiality and integrity violations, exposing personal data and disrupting user workflows. The underlying weakness is a missing authentication control (CWE-306).

Affected Systems

The vulnerability affects the langflow-ai:langflow product on all releases prior to 1.7.0.dev45. System administrators should verify the version installed in their environment and be aware that any deployment of the unpatched application is susceptible to these attacks.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity. An EPSS of 7% suggests that exploitation is plausible but not ubiquitous. The vulnerability is not listed in the CISA KEV catalog. The attack vector is most likely remote, with unauthenticated HTTP requests made to the exposed API endpoints. Successful exploitation requires network connectivity to the service and can be performed by any internet user without credentials.

Generated by OpenCVE AI on April 18, 2026 at 08:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Langflow to version 1.7.0.dev45 or later, which contains the authentication patch for the affected endpoints.
  • Deploy authentication middleware or enable built-in authorization checks on all critical API endpoints if an upgrade is not immediately possible.
  • Restrict network access to the API service by using firewall rules or VPN, ensuring that only trusted hosts can reach the endpoints.

Tracking

Advisories
Source: GitHub GHSA
ID: GHSA-c5cp-vx83-jhqx
Title: Langflow Missing Authentication on Critical API Endpoints
History

Fri, 16 Jan 2026 18:45:00 +0000

Type: CPEs
Values Removed: (none)
Values Added: cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:*

Type: Metrics (cvssV3_1)
Values Removed: (none)
Values Added: {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}


Mon, 05 Jan 2026 16:15:00 +0000

Type: Metrics (ssvc)
Values Removed: (none)
Values Added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 05 Jan 2026 10:45:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Langflow; Langflow langflow

Type: Vendors & Products
Values Removed: (none)
Values Added: Langflow; Langflow langflow

Fri, 02 Jan 2026 19:30:00 +0000

Type: Description
Values Removed: (none)
Values Added: Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal data and system operations that should require proper authorization. Version 1.7.0.dev45 contains a patch.

Type: Title
Values Removed: (none)
Values Added: Langflow Missing Authentication on Critical API Endpoints

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-306

Type: References
Values Removed: (none)
Values Added: (none shown)

Type: Metrics (cvssV4_0)
Values Removed: (none)
Values Added: {'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P'}


Subscriptions

Vendor: Langflow
Product: Langflow

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-26T15:04:59.539Z

Reserved: 2025-12-29T03:00:29.277Z

Link: CVE-2026-21445

Vulnrichment

Updated: 2026-01-05T16:07:50.246Z

NVD

Status: Analyzed

Published: 2026-01-02T20:16:17.880

Modified: 2026-01-16T18:32:17.060

Link: CVE-2026-21445

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T08:45:41Z

Weaknesses