Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/48829?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/48829?format=api", "purl": "pkg:pypi/langflow@1.7.1", "type": "pypi", "namespace": "", "name": "langflow", "version": "1.7.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.9.0", "latest_non_vulnerable_version": "1.9.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37251?format=api", "vulnerability_id": "VCID-4swq-hbjm-3ucd", "summary": "Langflow is a tool for building and deploying AI-powered agents and workflows. In versions 1.0.0 through 1.8.1, the `/api/v1/files/images/{flow_id}/{file_name}` endpoint serves image files without any authentication or ownership check. Any unauthenticated request with a known flow_id and file_name returns the image with HTTP 200. In a multi-tenant deployment, any attacker who can discover or guess a `flow_id` (UUIDs can be leaked through other API responses) can download any user's uploaded images without credentials. Version 1.9.0 contains a patch.", "references": [ { "reference_url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-7grx-3xcx-2xv5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-7grx-3xcx-2xv5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48845?format=api", "purl": "pkg:pypi/langflow@1.9.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.9.0" } ], "aliases": [ "CVE-2026-33484", "GHSA-7grx-3xcx-2xv5", "PYSEC-2026-80" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4swq-hbjm-3ucd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37246?format=api", "vulnerability_id": "VCID-q4r1-xjfk-7bg9", "summary": "Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the delete_api_key_route() endpoint accepts an api_key_id path parameter and deletes it with only a generic authentication check (get_current_active_user dependency). However, the delete_api_key() CRUD function does NOT verify that the API key belongs to the current user before deletion.", "references": [ { "reference_url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-rf6x-r45m-xv3w", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-rf6x-r45m-xv3w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48845?format=api", "purl": "pkg:pypi/langflow@1.9.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.9.0" } ], "aliases": [ "CVE-2026-33053", "GHSA-rf6x-r45m-xv3w", "PYSEC-2026-78" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4r1-xjfk-7bg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37250?format=api", "vulnerability_id": "VCID-rrva-95s5-kbcf", "summary": "Langflow is a tool for building and deploying AI-powered agents and workflows. Versions 1.2.0 through 1.8.1 have a bypass of the patch for CVE-2025-68478 (External Control of File Name), leading to the root architectural issue within `LocalStorageService` remaining unresolved. Because the underlying storage layer lacks boundary containment checks, the system relies entirely on the HTTP-layer `ValidatedFileName` dependency. This defense-in-depth failure leaves the `POST /api/v2/files/` endpoint vulnerable to Arbitrary File Write. The multipart upload filename bypasses the path-parameter guard, allowing authenticated attackers to write files anywhere on the host system, leading to Remote Code Execution (RCE). Version 1.9.0 contains an updated fix.", "references": [ { "reference_url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-g2j9-7rj2-gm6c", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-g2j9-7rj2-gm6c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48845?format=api", "purl": "pkg:pypi/langflow@1.9.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.9.0" } ], "aliases": [ "CVE-2026-33309", "GHSA-g2j9-7rj2-gm6c", "PYSEC-2026-79" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrva-95s5-kbcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37257?format=api", "vulnerability_id": "VCID-v5pc-pdm9-97g8", "summary": "Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.9.0, the Agentic Assistant feature in Langflow executes LLM-generated Python code during its validation phase. Although this phase appears intended to validate generated component code, the implementation reaches dynamic execution sinks and instantiates the generated class server-side. In deployments where an attacker can access the Agentic Assistant feature and influence the model output, this can result in arbitrary server-side Python execution. Version 1.9.0 fixes the issue.", "references": [ { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/api/router.py#L252-L297", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/api/router.py#L252-L297" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/api/schemas.py#L20-L31", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/api/schemas.py#L20-L31" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/helpers/code_extraction.py#L11-L53", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/helpers/code_extraction.py#L11-L53" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/helpers/validation.py#L27-L47", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/helpers/validation.py#L27-L47" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/services/assistant_service.py#L142-L156", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/services/assistant_service.py#L142-L156" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/services/assistant_service.py#L259-L300", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/services/assistant_service.py#L259-L300" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/services/assistant_service.py#L58-L79", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/agentic/services/assistant_service.py#L58-L79" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/api/utils/core.py#L38", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/api/utils/core.py#L38" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/api/v1/login.py#L96-L135", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/api/v1/login.py#L96-L135" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/services/auth/utils.py#L156-L163", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/services/auth/utils.py#L156-L163" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/services/auth/utils.py#L39-L53", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/backend/base/langflow/services/auth/utils.py#L39-L53" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/lfx/src/lfx/custom/validate.py#L241-L272", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/lfx/src/lfx/custom/validate.py#L241-L272" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/lfx/src/lfx/custom/validate.py#L394-L399", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/lfx/src/lfx/custom/validate.py#L394-L399" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/lfx/src/lfx/custom/validate.py#L441-L443", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/lfx/src/lfx/custom/validate.py#L441-L443" }, { "reference_url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/lfx/src/lfx/services/settings/auth.py#L71-L87", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cfbcd1fc/src/lfx/src/lfx/services/settings/auth.py#L71-L87" }, { "reference_url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-v8hw-mh8c-jxfc", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-v8hw-mh8c-jxfc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48845?format=api", "purl": "pkg:pypi/langflow@1.9.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.9.0" } ], "aliases": [ "CVE-2026-33873", "GHSA-v8hw-mh8c-jxfc", "PYSEC-2026-82" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5pc-pdm9-97g8" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49487?format=api", "vulnerability_id": "VCID-bb6r-1f6u-t7ed", "summary": "Langflow vulnerable to Server-Side Request Forgery\n**Vulnerability Overview**\n\n\nLangflow provides an API Request component that can issue arbitrary HTTP requests within a flow. This component takes a user-supplied URL, performs only normalization and basic format checks, and then sends the request using a server-side httpx client. It does not block private IP ranges (127.0.0.1, the 10/172/192 ranges) or cloud metadata endpoints (169.254.169.254), and it returns the response body as the result.\n\nBecause the flow execution endpoints (/api/v1/run, /api/v1/run/advanced) can be invoked with just an API key, if an attacker can control the API Request URL in a flow, non-blind SSRF is possible—accessing internal resources from the server’s network context. This enables requests to, and collection of responses from, internal administrative endpoints, metadata services, and internal databases/services, leading to information disclosure and providing a foothold for further attacks.\n\n**Vulnerable Code**\n\n1. When a flow runs, the API Request URL is set via user input or tweaks, or it falls back to the value stored in the node UI.", "references": [ { "reference_url": "https://github.com/langflow-ai/langflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/langflow-ai/langflow" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68477", "reference_id": "CVE-2025-68477", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68477" }, { "reference_url": "https://github.com/advisories/GHSA-5993-7p27-66g5", "reference_id": "GHSA-5993-7p27-66g5", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5993-7p27-66g5" }, { "reference_url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-5993-7p27-66g5", "reference_id": "GHSA-5993-7p27-66g5", "reference_type": "", "scores": [], "url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-5993-7p27-66g5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48829?format=api", "purl": "pkg:pypi/langflow@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4swq-hbjm-3ucd" }, { "vulnerability": "VCID-q4r1-xjfk-7bg9" }, { "vulnerability": "VCID-rrva-95s5-kbcf" }, { "vulnerability": "VCID-v5pc-pdm9-97g8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.7.1" } ], "aliases": [ "CVE-2025-68477", "GHSA-5993-7p27-66g5" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bb6r-1f6u-t7ed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37252?format=api", "vulnerability_id": "VCID-ncvf-vzqr-uydz", "summary": "Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.1, in the download_profile_picture function of the /profile_pictures/{folder_name}/{file_name} endpoint, the folder_name and file_name parameters are not strictly filtered, which allows the secret_key to be read across directories. Version 1.7.1 contains a patch.", "references": [ { "reference_url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-ph9w-r52h-28p7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-ph9w-r52h-28p7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48829?format=api", "purl": "pkg:pypi/langflow@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4swq-hbjm-3ucd" }, { "vulnerability": "VCID-q4r1-xjfk-7bg9" }, { "vulnerability": "VCID-rrva-95s5-kbcf" }, { "vulnerability": "VCID-v5pc-pdm9-97g8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.7.1" } ], "aliases": [ "CVE-2026-33497", "GHSA-ph9w-r52h-28p7", "PYSEC-2026-81" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ncvf-vzqr-uydz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49547?format=api", "vulnerability_id": "VCID-qwtw-q92t-quhz", "summary": "Langflow Missing Authentication on Critical API Endpoints\nMultiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal data and system operations that should require proper authorization.", "references": [ { "reference_url": "https://github.com/langflow-ai/langflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/langflow-ai/langflow" }, { "reference_url": "https://github.com/langflow-ai/langflow/commit/3fed9fe1b5658f2c8656dbd73508e113a96e486a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/langflow-ai/langflow/commit/3fed9fe1b5658f2c8656dbd73508e113a96e486a" }, { "reference_url": "https://github.com/langflow-ai/langflow/releases/tag/1.7.1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/langflow-ai/langflow/releases/tag/1.7.1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21445", "reference_id": "CVE-2026-21445", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21445" }, { "reference_url": "https://github.com/advisories/GHSA-c5cp-vx83-jhqx", "reference_id": "GHSA-c5cp-vx83-jhqx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-c5cp-vx83-jhqx" }, { "reference_url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-c5cp-vx83-jhqx", "reference_id": "GHSA-c5cp-vx83-jhqx", "reference_type": "", "scores": [], "url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-c5cp-vx83-jhqx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48829?format=api", "purl": "pkg:pypi/langflow@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4swq-hbjm-3ucd" }, { "vulnerability": "VCID-q4r1-xjfk-7bg9" }, { "vulnerability": "VCID-rrva-95s5-kbcf" }, { "vulnerability": "VCID-v5pc-pdm9-97g8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.7.1" } ], "aliases": [ "CVE-2026-21445", "GHSA-c5cp-vx83-jhqx" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwtw-q92t-quhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37168?format=api", "vulnerability_id": "VCID-sbea-kkfu-akgb", "summary": "Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, if an arbitrary path is specified in the request body's `fs_path`, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction, normalization, or allowed directory enforcement, so absolute paths (e.g., /etc/poc.txt) are interpreted as is. Version 1.7.0 fixes the issue.", "references": [ { "reference_url": "https://github.com/langflow-ai/langflow", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/langflow-ai/langflow" }, { "reference_url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-f43r-cc68-gpx4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-f43r-cc68-gpx4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68478", "reference_id": "CVE-2025-68478", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68478" }, { "reference_url": "https://github.com/advisories/GHSA-f43r-cc68-gpx4", "reference_id": "GHSA-f43r-cc68-gpx4", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-f43r-cc68-gpx4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/46626?format=api", "purl": "pkg:pypi/langflow@1.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4swq-hbjm-3ucd" }, { "vulnerability": "VCID-ncvf-vzqr-uydz" }, { "vulnerability": "VCID-q4r1-xjfk-7bg9" }, { "vulnerability": "VCID-rrva-95s5-kbcf" }, { "vulnerability": "VCID-v5pc-pdm9-97g8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48829?format=api", "purl": "pkg:pypi/langflow@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4swq-hbjm-3ucd" }, { "vulnerability": "VCID-q4r1-xjfk-7bg9" }, { "vulnerability": "VCID-rrva-95s5-kbcf" }, { "vulnerability": "VCID-v5pc-pdm9-97g8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.7.1" } ], "aliases": [ "CVE-2025-68478", "GHSA-f43r-cc68-gpx4", "PYSEC-2025-125" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbea-kkfu-akgb" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langflow@1.7.1" }