PT-2025-34678 · Langflow · Langflow
Chaandrey · Published 2025-08-25 · Updated 2025-10-01
CVE-2025-57760 · CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Langflow (affected versions not specified)
Description: Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers: an authenticated user who already has Remote Code Execution (RCE) access can invoke the internal CLI command langflow superuser to create a new administrative user. This grants full superuser access even if the user originally registered through the UI as a regular (non-admin) account. The vulnerability bypasses both frontend role enforcement and backend user integrity, leading to full compromise of the Langflow application. Exploitation involves executing the langflow superuser command inside the container, potentially via the /api/v1/validate/code API endpoint. The consequences include access to all user data, flows, stored credentials and configuration, potential credential leakage, and the ability to run additional Langflow instances. Approximately 2.9k to 5.1k instances are exposed worldwide.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Tags: Exploit · LPE · RCE

Weakness Enumeration: Improper Privilege Management

Related Identifiers: CVE-2025-57760 · GHSA-4GV9-MP8M-592R

Affected Products: Langflow