PT-2026-1999 · Langflow+1 · Langflow

Gothburz +1 · Published 2026-01-09 · Updated 2026-02-18 · CVE-2026-0769

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Langflow (affected versions not specified)

Description

A flaw exists in Langflow that allows remote attackers to execute arbitrary code. This does not require authentication. The issue is due to insufficient validation of user-supplied input before it is used in the eval custom component code() function to execute Python code. An attacker can exploit this to execute code within the current process.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Eval Injection

Weakness Enumeration

Related Identifiers

CVE-2026-0769
ZDI-26-035

Affected Products

Langflow