Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 31 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-6600 langflow-ai langflow Frontend React Component Rendering edit-message.tsx cross site scripting langflow-ailangflow Low 3.5 2026-04-20 03:15:12 Deep Dive
CVE-2026-6599 langflow-ai langflow Model Context Protocol Configuration API mcp_projects.py install_mcp_config injection langflow-ailangflow Medium 6.3 2026-04-20 03:00:16 Deep Dive
CVE-2026-6598 langflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in file langflow-ailangflow Medium 4.3 2026-04-20 02:45:16 Deep Dive
CVE-2026-6597 langflow-ai langflow Flow Using API core.py has_api_terms credentials storage langflow-ailangflow Low 2.7 2026-04-20 02:30:15 Deep Dive
CVE-2026-6596 langflow-ai langflow API Endpoint endpoints.py create_upload_file unrestricted upload langflow-ailangflow High 7.3 2026-04-20 02:15:14 Deep Dive
CVE-2026-3357 IBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle file IBMLangflow Desktop High 8.8 2026-04-08 00:19:11 Deep Dive
CVE-2026-34046 Langflow: Authenticated Users Can Read, Modify, and Delete Any Flow via Missing Ownership Check langflow-ailangflow 高危 -2026-03-27 20:06:36 Deep Dive
CVE-2026-33873 Langflow has Authenticated Code Execution in Agentic Assistant Validation langflow-ailangflow 高危 -2026-03-27 20:04:24 Deep Dive
CVE-2026-5027 Langflow - Path Traversal Arbitrary File Write via upload_user_file langflow-ailangflow High 8.8 2026-03-27 14:54:54 Deep Dive
CVE-2026-5026 Langflow - Stored XSS via Malicious SVG Upload langflow-ailangflow 中危 -2026-03-27 14:50:37 Deep Dive
CVE-2026-5025 Langflow - Application Logs Exposed to All Authenticated Users langflow-ailangflow Medium 6.5 2026-03-27 14:43:01 Deep Dive
CVE-2026-5022 Langflow - Missing Authorization on download_image Endpoint langflow-ailangflow 中危 -2026-03-27 14:34:14 Deep Dive
CVE-2026-33497 Langflow: /profile_pictures/{folder_name}/{file_name} endpoint file reading langflow-ailangflow 高危 -2026-03-24 13:14:40 Deep Dive
CVE-2026-33484 Langflow has Unauthenticated IDOR on Image Downloads langflow-ailangflow High 7.5 2026-03-24 12:57:34 Deep Dive
CVE-2026-33475 Langflow GitHub Actions Shell Injection langflow-ailangflow Critical 9.1 2026-03-24 12:54:33 Deep Dive
CVE-2026-33309 Langflow has an Arbitrary File Write (RCE) via v2 API langflow-ailangflow Critical 9.9 2026-03-24 12:49:16 Deep Dive
CVE-2026-33053 Langflow has Missing Ownership Verification in API Key Deletion (IDOR) langflow-ailangflow 高危 -2026-03-20 06:53:48 Deep Dive
CVE-2026-33017 Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint langflow-ailangflow 超危 -2026-03-20 04:52:53 Deep Dive
CVE-2026-27966 Langflow has Remote Code Execution in CSV Agent langflow-ailangflow Critical 9.8 2026-02-26 01:55:19 Deep Dive
CVE-2026-0772 Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability LangflowLangflow 高危 -2026-01-23 03:29:01 Deep Dive