PT-2026-26095 · Langflow · Langflow

Faizankolega +1

Published 2026-03-18 · Updated 2026-03-21

CVE-2026-33053

CVSS v3.1 8.8 High

Vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Langflow versions prior to 1.9.0

Description

Langflow is a tool for building and deploying AI-powered agents and workflows. The delete_api_key_route() endpoint, which accepts the api_key_id path parameter, performs only a generic authentication check. The delete_api_key() function does not verify whether the API key belongs to the current user before deleting it. This allows an authenticated attacker to enumerate and delete API keys belonging to other users by guessing or discovering their API key IDs, potentially leading to account takeover, denial of service, and disruption of integrations. The vulnerable code is located in src/backend/base/langflow/api/v1/api_key.py, lines 44-53. The delete_api_key() function in crud.py, lines 44-49, retrieves the API key by ID and deletes it without checking ownership.

Recommendations

Modify the delete_api_key endpoint and function: pass current_user to the delete function; in delete_api_key(), verify api_key.user_id == current_user.id before deletion; raise a 403 Forbidden error if the user does not own the key.
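The flawed lookup-then-delete pattern next to the ownership check recommended above, as an added example that is not Langflow's code. KeyStore, User, ApiKey and the NotFound/Forbidden exceptions are constructed stand-ins for the database session and FastAPI's HTTPException (404/403).

```python
# Added example, not Langflow's code: a minimal stand-in for the ownership
# check the advisory recommends. KeyStore, User, ApiKey and the exceptions
# are constructed here; in Langflow the equivalents are the DB session and
# FastAPI's HTTPException with status 404/403.
from dataclasses import dataclass, field
from uuid import UUID, uuid4

class NotFound(Exception):
    """Stand-in for an HTTP 404 response."""

class Forbidden(Exception):
    """Stand-in for an HTTP 403 response."""

@dataclass(frozen=True)
class User:
    id: UUID

@dataclass(frozen=True)
class ApiKey:
    id: UUID
    user_id: UUID  # owner of the key

@dataclass
class KeyStore:
    keys: dict[UUID, ApiKey] = field(default_factory=dict)

    def create(self, owner: User) -> ApiKey:
        key = ApiKey(id=uuid4(), user_id=owner.id)
        self.keys[key.id] = key
        return key

def delete_api_key_vulnerable(store: KeyStore, api_key_id: UUID) -> None:
    """The flaw: look the key up by ID and delete it without asking who
    is calling, so any authenticated user can delete any key ID."""
    if api_key_id not in store.keys:
        raise NotFound("API key not found")
    del store.keys[api_key_id]

def delete_api_key(store: KeyStore, api_key_id: UUID, current_user: User) -> None:
    """The fix: the caller is passed in and ownership is verified before
    the delete runs; a key owned by someone else yields 403, not success."""
    key = store.keys.get(api_key_id)
    if key is None:
        raise NotFound("API key not found")
    if key.user_id != current_user.id:
        raise Forbidden("API key does not belong to the current user")
    del store.keys[api_key_id]
```

The advisory's recommended response for a foreign key is 403; returning the same 404 as for a nonexistent key is a common alternative that avoids confirming a guessed ID exists, and either way the delete must not run.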

Weakness Enumeration

IDOR

Related Identifiers

CVE-2026-33053
GHSA-RF6X-R45M-XV3W
PYSEC-2026-78

Affected Products

Langflow