Description
A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-04-20
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: Unrestricted File Upload leading to Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A flaw in the langflow API Endpoint allows an attacker to upload any file through the create_upload_file function without restriction. The upload endpoint lacks proper authorization and file type validation, permitting the submission of malicious code that could be executed on the server. The vulnerability is directly exploitable over the network and carries the risk of arbitrary code execution, data exfiltration, or denial of service.

Affected Systems

The vulnerability affects langflow-ai langflow versions up to and including 1.1.0. Operators should check their installed version against this range and treat the deployment as vulnerable if it has not been updated beyond 1.1.0.

Risk and Exploitability

The reported CVSS score of 6.9 indicates moderate severity, but the absence of any authentication requirement and the availability of public exploit code mean that the practical risk is higher than the score alone suggests. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog; however, a remote upload vector combined with the potential for arbitrary code execution means attackers could target this flaw without needing additional conditions. The attack is likely carried out via an HTTP POST request to the create_upload_file endpoint from any network location that can reach the server.

Generated by OpenCVE AI on April 20, 2026 at 03:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade langflow to the latest released version that includes the fixed upload checks.
  • Restrict access to the /api/v1/endpoints/create_upload_file endpoint by requiring authenticated and authorized users only.
  • Enforce strict file type validation and size limits, rejecting any dangerous or unexpected file types before storage or execution.
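The three recommendations above, turned into a single pre-storage check as an added example (this is not langflow's code; the allowlist, size cap, naming rule and the `is_authenticated` flag are assumptions standing in for a real deployment's policy and auth layer):

```python
import re
from dataclasses import dataclass
from pathlib import PurePosixPath

# Constructed policy values for the example; a real deployment sets its own.
ALLOWED_EXTENSIONS = {".txt", ".json", ".csv", ".pdf"}
MAX_UPLOAD_BYTES = 10 * 1024 * 1024  # 10 MiB
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


@dataclass(frozen=True)
class UploadDecision:
    accepted: bool
    reason: str
    safe_name: str = ""


def check_upload(filename: str, size: int, is_authenticated: bool) -> UploadDecision:
    """Decide whether an upload may be stored.

    Checks run in the order a handler should apply them: caller identity first,
    then size, then the client-supplied filename, which is never trusted as a path.
    """
    if not is_authenticated:
        return UploadDecision(False, "unauthenticated")
    if size <= 0 or size > MAX_UPLOAD_BYTES:
        return UploadDecision(False, "size out of bounds")
    # Reject NUL bytes and other control characters before any path handling.
    if any(ord(c) < 32 for c in filename):
        return UploadDecision(False, "control character in filename")
    # Keep only the final path component; this drops "../" and absolute prefixes.
    base = PurePosixPath(filename.replace("\\", "/")).name
    if not base or base in {".", ".."}:
        return UploadDecision(False, "empty or traversal filename")
    if not _SAFE_NAME.match(base):
        return UploadDecision(False, "disallowed characters in filename")
    # Every suffix must be allowed, so a double extension such as "x.py.txt"
    # is rejected rather than passing on its last component alone.
    suffixes = [s.lower() for s in PurePosixPath(base).suffixes]
    if not suffixes or any(s not in ALLOWED_EXTENSIONS for s in suffixes):
        return UploadDecision(False, "extension not in allowlist")
    return UploadDecision(True, "ok", base)
```

The returned `safe_name` is the only name a handler should join onto its upload directory; the original client string is discarded.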

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 02:45:00 +0000

Type | Values Removed | Values Added
Description | | A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title | | langflow-ai langflow API Endpoint endpoints.py create_upload_file unrestricted upload
First Time appeared | | Langflow; Langflow langflow
Weaknesses | | CWE-284; CWE-434
CPEs | | cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:*
Vendors & Products | | Langflow; Langflow langflow
References | |
Metrics | | cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-20T02:15:13.863Z

Reserved: 2026-04-19T13:46:55.202Z

Link: CVE-2026-6596

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-04-20T03:16:16.967

Modified: 2026-04-20T03:16:16.967

Link: CVE-2026-6596

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T03:30:41Z

Weaknesses