PT-2026-28597 · Langflow · Langflow

Chximn-Dt · Published 2026-03-27 · Updated 2026-05-11 · CVE-2026-34046

CVSS v3.1 8.8 High
Vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Langflow versions prior to 1.5.1
Description: Langflow is a tool for building and deploying AI-powered agents and workflows. A flaw exists in the read flow helper within src/backend/base/langflow/api/v1/flows.py. The code branched on the AUTO_LOGIN setting to decide whether to filter flows by user_id. When AUTO_LOGIN was set to False (that is, authentication was enabled), no ownership check was performed, so any authenticated user could access flows regardless of ownership. This permitted unauthorized access to other users' flows, including embedded plaintext API keys, modification of AI agent logic, and deletion of flows. The issue stemmed from conditional logic intended for public flows, which inadvertently bypassed the ownership filter for authenticated users. The affected API endpoint is /api/v1/flow/{flow_id}. The vulnerable variable is user_id.
Recommendations: Update to Langflow version 1.5.1 or later.
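As an added illustration (constructed example, not Langflow's own flows.py code), the authorization pattern the description identifies, beside a hardened form that enforces ownership on every path regardless of the AUTO_LOGIN setting, plus a small regression check that counts cross-user reads. The Flow record, the in-memory FLOWS table and the function names are assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass
class Flow:
    id: str
    user_id: Optional[str]  # None stands in for a public flow with no owner (assumption)
    name: str


# Constructed in-memory stand-in for the flows table; not real Langflow data.
FLOWS = {
    "f-1": Flow("f-1", "alice", "alice-private"),
    "f-2": Flow("f-2", "bob", "bob-private"),
    "f-3": Flow("f-3", None, "public-template"),
}


def read_flow_vulnerable(flow_id: str, current_user_id: str, auto_login: bool) -> Optional[Flow]:
    """Pattern from the advisory: the ownership filter hangs off the AUTO_LOGIN
    branch, so with AUTO_LOGIN=False (auth enabled, multi-user) no filter runs."""
    flow = FLOWS.get(flow_id)
    if flow is None:
        return None
    if auto_login:
        # Single-user branch: restrict to the caller's own flows or public ones.
        return flow if flow.user_id in (None, current_user_id) else None
    # Branch meant for public flows: hands the flow to ANY authenticated caller.
    return flow


def read_flow_fixed(flow_id: str, current_user_id: str, auto_login: bool) -> Optional[Flow]:
    """Hardened form: ownership is checked on every path. auto_login is kept
    only for signature parity; it no longer gates authorization."""
    flow = FLOWS.get(flow_id)
    if flow is None or flow.user_id not in (None, current_user_id):
        return None  # same answer for "missing" and "not yours": no existence leak
    return flow


def cross_tenant_read_count(reader: Callable[..., Optional[Flow]],
                            caller_id: str, auto_login: bool = False) -> int:
    """Regression check: how many flows owned by OTHER users does `reader`
    hand to caller_id? A correct helper returns 0."""
    return sum(
        1 for f in FLOWS.values()
        if f.user_id not in (None, caller_id)
        and reader(f.id, caller_id, auto_login) is not None
    )
```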

Exploit · Fix

IDOR · Missing Authorization


Weakness Enumeration

Related Identifiers

CVE-2026-34046
GHSA-8C4J-F57C-35CF

Affected Products

Langflow