PT-2026-26781 · Langflow · Langflow
R00Tuser111
·
Published
2026-03-20
·
Updated
2026-04-16
·
CVE-2026-33497
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Langflow versions prior to 1.7.1
Description
Langflow is a tool for building and deploying AI-powered agents and workflows. In the download profile picture function of the
/profile pictures/{folder name}/{file name} API endpoint, the folder name and file name parameters are not strictly filtered. This allows an attacker to read the secret key across directories. The secret key is used for JWT authentication, enabling attackers to forge authentication tokens and log into the system.Recommendations
Versions prior to 1.7.1 should be updated to version 1.7.1 or later.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Langflow