PT-2025-15232 · Langflow · Langflow

Naveen Sunkavally · Published 2025-04-07 · Updated 2025-07-17 · CVE-2025-3248

CVSS v2.0: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

## Vulnerability Report

**Name of the Vulnerable Software and Affected Versions:** Langflow versions prior to 1.3.0

**Description:**

Langflow is susceptible to a critical remote code execution (RCE) vulnerability (CVE-2025-3248) caused by a missing authentication check on the `/api/v1/validate/code` endpoint. An unauthenticated attacker can send crafted HTTP requests to this endpoint and execute arbitrary code on the host. The Flodrix botnet is actively exploiting the flaw to deploy malware and to carry out reconnaissance and DDoS attacks. Approximately 663 servers are currently exposed. Successful exploitation results in full system compromise and data theft, and compromised hosts may be used in DDoS attacks.

**Recommendations:**

Upgrade Langflow to version 1.3.0 or later to address this vulnerability. Restrict network access to Langflow instances to mitigate the risk.
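The following Python script is an added defensive example and is not part of this record or of the Langflow project. It covers the two actions the report calls for: checking whether a deployed Langflow version is below the fixed release 1.3.0, and scanning web server access logs for requests to the unauthenticated `/api/v1/validate/code` endpoint so that exposed instances can be triaged. The log lines, IP addresses and log format (Apache/nginx combined format) are constructed for the example.

```python
import re
from collections import Counter
from typing import Dict, List

# Endpoint named in the advisory as lacking an authentication check.
VULNERABLE_ENDPOINT = "/api/v1/validate/code"
# First release that contains the fix, per the advisory.
FIXED_VERSION = (1, 3, 0)

# Combined log format: ip ident user [timestamp] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (not real traffic); 203.0.113.0/24 and
# 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.10 - - [07/Apr/2025:12:00:01 +0000] "POST /api/v1/validate/code HTTP/1.1" 200 512 "-" "python-requests/2.31"',
    '198.51.100.7 - - [07/Apr/2025:12:00:05 +0000] "GET /api/v1/flows/ HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [07/Apr/2025:12:00:09 +0000] "POST /api/v1/validate/code?x=1 HTTP/1.1" 200 498 "-" "curl/8.0"',
    'garbage line that does not match the log format',
]


def parse_version(version: str) -> tuple:
    """Turn '1.2.0', 'v1.3.1' or '1.2.0rc1' into a comparable (major, minor, patch) tuple."""
    parts = version.strip().lstrip("v").split(".")
    nums = []
    for part in parts[:3]:
        m = re.match(r"\d+", part)
        nums.append(int(m.group()) if m else 0)
    while len(nums) < 3:
        nums.append(0)
    return tuple(nums)


def is_vulnerable_version(version: str) -> bool:
    """True when the running Langflow release predates the 1.3.0 fix."""
    return parse_version(version) < FIXED_VERSION


def find_endpoint_requests(lines: List[str]) -> List[Dict[str, str]]:
    """Return every parsed request whose path is the unauthenticated endpoint.

    Query strings are stripped before comparison so '/api/v1/validate/code?x=1'
    is still matched. Lines that do not parse are skipped rather than raising.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]
        if path == VULNERABLE_ENDPOINT:
            hits.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "method": m.group("method"),
                "status": m.group("status"),
            })
    return hits


def summarize_by_source(hits: List[Dict[str, str]]) -> Dict[str, int]:
    """Count endpoint requests per source IP to prioritise investigation."""
    return dict(Counter(h["ip"] for h in hits))


if __name__ == "__main__":
    for v in ("1.2.0", "1.3.0", "1.3.1"):
        print(f"Langflow {v}: {'VULNERABLE' if is_vulnerable_version(v) else 'patched'}")
    hits = find_endpoint_requests(SAMPLE_LOG)
    for h in hits:
        print(f"{h['ts']} {h['ip']} {h['method']} {VULNERABLE_ENDPOINT} -> {h['status']}")
    print("requests per source:", summarize_by_source(hits))
```

Any request to this endpoint on an instance below 1.3.0 should be treated as a likely compromise attempt, since the endpoint was reachable without credentials; on patched instances the same hits still show which sources were probing for the flaw.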

Exploit

Fix

RCE

Code Injection

Missing Authentication

Weakness Enumeration

Related Identifiers

BDU:2025-06683
CVE-2025-3248
GHSA-C995-4FW3-J39M
GHSA-RVQX-WPFH-MFX7
PYSEC-2025-36

Affected Products

Langflow