PT-2026-1123 · Langflow · Langflow
Kj84Park · Published 2026-01-02 · Updated 2026-04-20
CVE-2026-21445
CVSS v4.0 9.4 Critical
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Langflow versions prior to 1.7.0.dev45
Description: Langflow, a tool for building and deploying AI-powered agents and workflows, has several critical API endpoints that lack authentication controls. Any unauthenticated user can read sensitive user conversation data and transaction histories and perform destructive operations, including message deletion. The affected endpoints handle personal data and system operations that should require proper authorization. Specifically, the following API endpoints are vulnerable: /api/v1/monitor/messages, /api/v1/monitor/transactions, and /api/v1/monitor/messages/session/{session_id}. The issue stems from the absence of the dependencies=[Depends(get_current_active_user)] authentication dependency on these endpoints. Exploitation can lead to data breaches, privacy violations, data destruction, and potential compliance risks. Proof-of-concept commands have been published demonstrating the ability to access data and delete messages without authentication.
Recommendations: For versions prior to 1.7.0.dev45, add authentication dependencies to the affected API endpoints by including dependencies=[Depends(get_current_active_user)] in the endpoint definitions. Specifically, update the following endpoints: /api/v1/monitor/messages, /api/v1/monitor/transactions, and /api/v1/monitor/messages/session/{session_id}.

Exploit

Fix

RCE

Missing Authentication

Weakness Enumeration

Related Identifiers

BDU:2026-05096
CVE-2026-21445
GHSA-C5CP-VX83-JHQX

Affected Products

Langflow