Description
A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument auth_settings leads to cleartext storage in a file or on disk. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-04-20
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: Confidentiality compromise (cleartext storage of authentication settings)
Action: Assess Impact
AI Analysis

Impact

The vulnerability lies in the create_project/encrypt_auth_settings function of the Project Creation Endpoint, which writes authentication settings directly to a file on disk in cleartext. This results in cleartext storage of potentially sensitive credentials, exposing them to anyone with read access to the file system. The weakness is classified as CWE-312 (Cleartext Storage of Sensitive Information) and CWE-313 (Cleartext Storage in a File or on Disk). An attacker who obtains the authentication settings can gain unauthorized access to the services those credentials protect, compromising confidentiality and possibly enabling further attacks such as privilege escalation.

The affected product is langflow-ai's Langflow platform, versions up to and including 1.8.3. The flaw resides in src/backend/base/Langflow/api/v1/projects.py and affects the Project Creation Endpoint exposed by the API.

The risk is moderate, reflected by a CVSS score of 5.3. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. The attack can be launched remotely against the API, and the exploit has been publicly disclosed. While no automated exploitation package is reported, the cleartext storage gives an attacker a straightforward way to retrieve credentials once they have any level of read access to the system's filesystem or the running application's environment.

Affected Systems

The vulnerability affects the langflow-ai Langflow application, versions up to 1.8.3. This includes the Project Creation Endpoint that writes authentication settings to disk in cleartext.

Risk and Exploitability

The CVSS score of 5.3 indicates a medium severity. The EPSS score is not available, and the vulnerability is not in the CISA KEV list. Attackers can exploit the flaw remotely by triggering the Project Creation Endpoint with manipulated auth_settings, causing the application to persist sensitive data in cleartext. Because the flaw lies in the backend code and the attack surface is the exposed API, the likelihood of exploitation depends on the exposure of the API to untrusted users and the presence of any authentication controls around it.

Generated by OpenCVE AI on April 20, 2026 at 05:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a fixed release of Langflow when available or remove the vulnerable create_project/encrypt_auth_settings function.
  • Restrict access to the Project Creation Endpoint, limiting it to trusted users or IP addresses, and enforce authentication before processing project creation requests.
  • Ensure that any authentication settings are stored using secure encryption mechanisms or a secrets manager, and modify the code to prevent cleartext writes to disk.



Advisories

No advisories yet.

History

Mon, 20 Apr 2026 04:00:00 +0000

Values added:

Description: A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument auth_settings leads to cleartext storage in a file or on disk. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title: langflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in file
First time appeared: Langflow; Langflow langflow
Weaknesses: CWE-312; CWE-313
CPEs: cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:*
Vendors & Products: Langflow; Langflow langflow
References:
Metrics:

cvssV2_0

{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-20T02:45:15.874Z

Reserved: 2026-04-19T13:47:03.207Z

Link: CVE-2026-6598

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-20T04:16:52.857

Modified: 2026-04-20T04:16:52.857

Link: CVE-2026-6598

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T05:30:44Z

Weaknesses