PT-2026-26771 · Langflow · Langflow

Akshatgit · Published 2026-03-20 · Updated 2026-03-24 · CVE-2026-33484

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Langflow versions 1.0.0 through 1.8.1

Description: Langflow versions 1.0.0 through 1.8.1 have an issue where the /api/v1/files/images/{flow_id}/{file_name} API endpoint serves image files without authentication or ownership verification. An unauthenticated request with a known flow id and file name successfully retrieves the image, returning an HTTP 200 response. In a multi-tenant environment, an attacker who can discover or guess a flow id can download images uploaded by any user without authorization. The flow id is a UUID that may be exposed through other API responses. The vulnerable function is download_image, located in src/backend/base/langflow/api/v1/files.py:138-164.

Recommendations: Versions prior to 1.9.0 are affected. Update to version 1.9.0 or later to resolve this issue.
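As an added illustration of the access-control gap described above, the following is not Langflow's own code: it contrasts a handler that looks files up by flow id and file name alone with one that requires an authenticated caller and verifies flow ownership. The in-memory Flow model, user ids, UUIDs and image bytes are all constructed for the example.

```python
"""Missing-ownership-check pattern (CVE-2026-33484 class), vulnerable vs. hardened.
Constructed example with an in-memory flow store; not Langflow's implementation."""
import uuid
from dataclasses import dataclass, field


@dataclass
class Flow:
    id: str
    owner_id: str
    images: dict = field(default_factory=dict)  # file_name -> raw bytes


class Unauthorized(Exception):
    """No authenticated caller (HTTP 401)."""


class NotFound(Exception):
    """Flow or file not visible to this caller (HTTP 404)."""


def vulnerable_download_image(flows, flow_id, file_name):
    # Caller identity is never consulted: knowing the UUID and name is enough.
    flow = flows.get(flow_id)
    if flow is None or file_name not in flow.images:
        raise NotFound()
    return flow.images[file_name]


def hardened_download_image(flows, current_user_id, flow_id, file_name):
    if current_user_id is None:           # 1. require authentication
        raise Unauthorized()
    try:                                  # 2. validate path parameters before use
        uuid.UUID(flow_id)
    except ValueError:
        raise NotFound()
    if "/" in file_name or "\\" in file_name or file_name in ("", ".", ".."):
        raise NotFound()
    flow = flows.get(flow_id)             # 3. verify the flow belongs to the caller
    if flow is None or flow.owner_id != current_user_id:
        raise NotFound()                  # same answer for "missing" and "not yours"
    if file_name not in flow.images:
        raise NotFound()
    return flow.images[file_name]


def build_sample_flows():
    """Constructed multi-tenant store: one flow owned by user 'alice'."""
    flow_id = "2f1c7a1e-9d3b-4b7e-8c1a-5e6f7a8b9c0d"
    return {flow_id: Flow(flow_id, "alice", {"logo.png": b"\x89PNG-sample"})}, flow_id


def raises(exc, fn, *args):
    """Return True if fn(*args) raises exc; lets the checks below stay as plain asserts."""
    try:
        fn(*args)
    except exc:
        return True
    return False
```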

Weakness Enumeration

Missing Authorization
IDOR
Improper Access Control

Related Identifiers

CVE-2026-33484
GHSA-7GRX-3XCX-2XV5
PYSEC-2026-80

Affected Products

Langflow