PT-2026-35816 · Langflow · Langflow

Ddlxstudio +1 · Published 2026-04-28 · Updated 2026-05-21 · CVE-2026-42048
CVSS v3.1 9.6 Critical
Vector AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Langflow versions prior to 1.9.0
Description: Langflow is a tool for building and deploying AI-powered agents and workflows. A path traversal flaw exists in the Knowledge Bases API endpoint DELETE /api/v1/knowledge_bases, in the delete_knowledge_bases_bulk() function. User-supplied knowledge base names passed in the kb_names parameter are concatenated directly into filesystem paths without sanitization or a boundary check against the intended directory. An authenticated attacker can therefore supply traversal sequences (e.g. ../) to escape that directory and have shutil.rmtree() delete arbitrary directories on the server, limited only by the permissions of the Langflow process. This can lead to cross-tenant data loss, deletion of critical application files, and service disruption.
Recommendations: Update to version 1.9.0 or later. As a temporary workaround, restrict access to the DELETE /api/v1/knowledge_bases endpoint (for example by blocking it at a reverse proxy in front of Langflow, or limiting it to trusted users) to minimize the risk of exploitation.
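The flaw class described above, shown beside a hardened version, as an added example that is not Langflow's own code: the helpers delete_kb_unsafe, is_valid_kb_name, resolve_kb_dir and delete_kbs_bulk_safe, and the two-tenant directory layout, are hypothetical. The unsafe helper joins the caller-supplied name straight onto the tenant's root and hands it to shutil.rmtree(); the hardened one allow-lists the name as a single path component and then checks that the resolved target is a direct child of the resolved root, which also catches a symlink planted inside the root.

```python
import shutil
import tempfile
from pathlib import Path


def delete_kb_unsafe(kb_root: Path, kb_name: str) -> None:
    """Vulnerable pattern (hypothetical helper): the user-supplied name is joined
    to the tenant's root with no validation, so '../' walks out of kb_root."""
    target = kb_root / kb_name
    if target.is_dir():
        shutil.rmtree(target)


def is_valid_kb_name(kb_name: str) -> bool:
    """Allow-list check: a knowledge base name must be a single path component."""
    if not kb_name or kb_name in (".", ".."):
        return False
    return not any(ch in kb_name for ch in ("/", "\\", "\x00"))


def resolve_kb_dir(kb_root: Path, kb_name: str) -> Path:
    """Hardened pattern: validate the name, then confirm the resolved path is a
    direct child of the resolved root (this also defeats symlinks inside root)."""
    if not is_valid_kb_name(kb_name):
        raise ValueError(f"invalid knowledge base name: {kb_name!r}")
    root = kb_root.resolve()
    target = (root / kb_name).resolve()
    if target.parent != root:
        raise ValueError(f"knowledge base path escapes root: {kb_name!r}")
    return target


def delete_kbs_bulk_safe(kb_root: Path, kb_names: list[str]) -> list[str]:
    """Validate every name before deleting anything, so one bad entry in the
    batch fails the whole request instead of deleting the valid ones first."""
    targets = [resolve_kb_dir(kb_root, name) for name in kb_names]
    deleted = []
    for name, target in zip(kb_names, targets):
        if target.is_dir():
            shutil.rmtree(target)
            deleted.append(name)
    return deleted


def demo() -> dict:
    """Constructed scenario: two tenants' knowledge-base roots under one temp dir."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        attacker_root = base / "tenant_a" / "knowledge_bases"
        victim_kb = base / "tenant_b" / "knowledge_bases" / "secret"
        attacker_root.mkdir(parents=True)
        victim_kb.mkdir(parents=True)
        (victim_kb / "doc.txt").write_text("constructed sample document")
        traversal = "../../tenant_b/knowledge_bases/secret"

        # Unsafe: the traversal name resolves to the other tenant's directory.
        delete_kb_unsafe(attacker_root, traversal)
        victim_deleted_by_unsafe = not victim_kb.exists()

        # Recreate the victim data and replay the same input against the hardened code.
        victim_kb.mkdir(parents=True)
        try:
            delete_kbs_bulk_safe(attacker_root, [traversal])
            traversal_rejected = False
        except ValueError:
            traversal_rejected = True

        # A symlink inside the root that points outside it is refused as well.
        (attacker_root / "link").symlink_to(victim_kb, target_is_directory=True)
        try:
            delete_kbs_bulk_safe(attacker_root, ["link"])
            symlink_rejected = False
        except ValueError:
            symlink_rejected = True

        # Legitimate names inside the root still work; missing ones are skipped.
        (attacker_root / "notes").mkdir()
        deleted = delete_kbs_bulk_safe(attacker_root, ["notes", "missing"])

        return {
            "victim_deleted_by_unsafe": victim_deleted_by_unsafe,
            "traversal_rejected": traversal_rejected,
            "symlink_rejected": symlink_rejected,
            "victim_intact_after_safe": victim_kb.exists(),
            "deleted_by_safe": deleted,
        }


if __name__ == "__main__":
    print(demo())
```

The resolved-parent comparison is stricter than a plain prefix check on the string form of the path: a prefix check would accept a root of /data/kb and a target of /data/kb_backup, and would not see through a symlink. Validating the whole batch before the first rmtree() call matters for a bulk endpoint, where partial deletion on a mixed request is its own failure mode.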

Exploit

Fix

RCE

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-42048
GHSA-9WHX-C884-C68Q

Affected Products

Langflow