module

Langflow AI RCE

Try Surface Command
Back to search
Disclosed
Apr 9, 2025

Description

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint.
A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today