Langflow Archives • Daily CyberSecurity

Langflow Cryptominer Malware Exploits CVE-2026-33017 hack

Langflow Cryptominer Malware Exploits CVE-2026-33017

Do Son June 27, 2026

At least 39 rival malware families appear on a kill list used by a new Langflow cryptominer...

Langflow Security Vulnerabilities Expose AI Systems Diagram of Langflow security vulnerabilities CVE-2026-55255 CVE-2026-55447 CVE-2026-55450

Diagram of Langflow security vulnerabilities CVE-2026-55255 CVE-2026-55447 CVE-2026-55450

Langflow Security Vulnerabilities Expose AI Systems

Do Son June 26, 2026

TL;DR Three critical Langflow security vulnerabilities expose artificial intelligence applications to severe risks. Attackers could execute arbitrary...

Critical Langflow Flaws Allow Unauthenticated Remote Code Execution Langflow RCE vulnerability enabling unauthenticated remote code execution

Langflow RCE vulnerability enabling unauthenticated remote code execution

Critical Langflow Flaws Allow Unauthenticated Remote Code Execution

Do Son June 25, 2026

TL;DR IBM disclosed two critical flaws in Langflow OSS, the open-source AI workflow builder. One is a...

Langflow File Upload Flaw: Details and PoC Exploit Publicly Disclosed (CVE-2026-55450) Langflow file upload flaw enabling unauthenticated denial-of-service and path leak (CVE-2026-55450)

Langflow file upload flaw enabling unauthenticated denial-of-service and path leak (CVE-2026-55450)

Langflow File Upload Flaw: Details and PoC Exploit Publicly Disclosed (CVE-2026-55450)

Do Son June 19, 2026

Unauthenticated upload exposes Langflow servers A newly published Langflow file upload flaw lets anyone with network...

Critical Langflow RCE Vulnerability Exposes AI Workflows Langflow RCE vulnerability Shareable Playground security flaw

Critical Langflow RCE Vulnerability Exposes AI Workflows

Do Son June 3, 2026

Security researchers recently uncovered a severe security defect in a prominent artificial intelligence orchestration platform. Specifically, a...

CISA Sound the Alarm: Langflow AI Platform and Trend Micro Added to KEV Catalog Due to Active Exploitation CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

CISA Sound the Alarm: Langflow AI Platform and Trend Micro Added to KEV Catalog Due to Active Exploitation

Do Son May 21, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two newly weaponized security vulnerabilities to its...

SaaS-Style Cybercrime: Attackers Weaponize Langflow RCE and NATS Messaging for Ultra-Scalable C2 NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

SaaS-Style Cybercrime: Attackers Weaponize Langflow RCE and NATS Messaging for Ultra-Scalable C2

Do Son May 18, 2026

A sophisticated new command-and-control (C2) technique has emerged, revealing threat actors who operate more like modern SaaS...

Langflow Alert: Path Traversal Flaw in Knowledge Bases API Risks Total Data Wipeout Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Langflow Alert: Path Traversal Flaw in Knowledge Bases API Risks Total Data Wipeout

Do Son April 28, 2026

Langflow, the popular visual framework for building and deploying AI-powered agents , has patched a critical security...

The CVE Watchtower: Weekly Threat Intelligence Briefing (March 23 – March 29, 2026) Vulnerability Triage CISA KEV List

The CVE Watchtower: Weekly Threat Intelligence Briefing (March 23 – March 29, 2026)

Do Son March 30, 2026

Whether you are steering the organizational ship as a CISO or maintaining the operational engines as a...

AI Workflows Under Fire: Critical RCE and File Write Flaws Expose Langflow Servers Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

AI Workflows Under Fire: Critical RCE and File Write Flaws Expose Langflow Servers

Do Son March 19, 2026

Security researchers have identified two severe vulnerabilities in Langflow, the popular visual framework for building AI-powered agents....

Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell

Do Son March 2, 2026

Artificial intelligence is making it easier than ever to build complex applications, but a newly discovered vulnerability...

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760 Langflow, Privilege escalation

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760

Do Son August 26, 2025

The Langflow project has issued an important security advisory regarding a newly discovered vulnerability that poses a...

Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet CVE-2025-3248 PoC script execution

Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet

Do Son June 16, 2025

Trend Micro has uncovered an active and sophisticated campaign exploiting a critical remote code execution (RCE) vulnerability...

Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248 CVE-2025-3248 Langflow Vulnerability Remote Code Execution

Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248

Do Son May 5, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-3248 to its Known Exploited Vulnerabilities...

Critical Vulnerability Exposes Langflow Servers to Full Compromise CVE-2025-3248 Langflow Vulnerability Remote Code Execution

Critical Vulnerability Exposes Langflow Servers to Full Compromise

Do Son April 11, 2025

A newly discovered vulnerability in Langflow, a popular tool for building agentic AI workflows, poses a significant...