CyberSecurity news


Source: @Talkback Resources
A critical security vulnerability in Langflow, an open-source platform used for building agentic AI workflows, is under active exploitation, prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the flaw to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, identified as CVE-2025-3248, carries a critical CVSS score of 9.8 out of 10, indicating its high severity. Organizations are being urged to immediately apply security updates and mitigation measures to prevent potential attacks.

The flaw stems from missing authentication on Langflow's `/api/v1/validate/code` endpoint. The endpoint passes user-supplied code to Python's built-in `exec()` without requiring authentication and without sandboxing, so an unauthenticated remote attacker can send a crafted HTTP request and run arbitrary code on the server, potentially leading to full system compromise. The vulnerability affects most versions of Langflow and has been addressed in version 1.3.0, released on March 31, 2025.
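As an added illustration (not code from the article or from the Langflow project), a small Python script for defenders: it scans reverse-proxy access log lines for requests to the `/api/v1/validate/code` endpoint named above and checks whether a reported Langflow version is at or past the 1.3.0 fix release. The Common Log Format layout, the field names and the sample log lines are assumptions constructed for the example.

```python
import re
from collections import Counter

# Endpoint and fix release as reported for CVE-2025-3248.
VULN_ENDPOINT = "/api/v1/validate/code"
FIXED_VERSION = (1, 3, 0)

# Common Log Format; assumes the reverse proxy in front of Langflow logs in
# this layout (an assumption for the example, not a Langflow default).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def parse_version(text):
    """Turn '1.3.0' or 'v1.2.0' into a comparable tuple of ints."""
    return tuple(int(p) for p in text.lstrip("v").split(".")[:3])

def is_patched(version):
    """True if the running Langflow is at or above the 1.3.0 fix release."""
    return parse_version(version) >= FIXED_VERSION

def find_validate_code_hits(lines):
    """Return (ip, method, status) for every request to the validate/code
    endpoint; on an unpatched instance each hit means submitted code reached
    exec(), so unexpected sources warrant triage."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]  # drop any query string
        if path == VULN_ENDPOINT:
            hits.append((m.group("ip"), m.group("method"), int(m.group("status"))))
    return hits

def summarize(lines):
    """Count hits on the endpoint per source address."""
    return Counter(ip for ip, _, _ in find_validate_code_hits(lines))

# Constructed sample log lines (not real traffic); addresses are RFC 5737 ranges.
SAMPLE_LOG = [
    '203.0.113.7 - - [06/May/2025:10:01:12 +0000] "POST /api/v1/validate/code HTTP/1.1" 200 512',
    '198.51.100.4 - - [06/May/2025:10:01:15 +0000] "GET /api/v1/flows/ HTTP/1.1" 200 2048',
    '203.0.113.7 - - [06/May/2025:10:01:20 +0000] "POST /api/v1/validate/code?x=1 HTTP/1.1" 200 480',
    '192.0.2.9 - - [06/May/2025:10:02:02 +0000] "POST /api/v1/validate/code HTTP/1.1" 200 498',
]

if __name__ == "__main__":
    for ip, n in summarize(SAMPLE_LOG).items():
        print(f"{ip}: {n} request(s) to {VULN_ENDPOINT}")
    print("patched:", is_patched("1.3.0"))
```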

According to security researchers, the vulnerability is easily exploitable and allows unauthenticated remote attackers to take control of Langflow servers. There are currently 466 internet-exposed Langflow instances, with a majority of them located in the United States, Germany, Singapore, India, and China. While the specifics of real-world exploitation are not fully known, exploit attempts have been recorded against honeypots. Federal Civilian Executive Branch (FCEB) agencies have been given until May 26, 2025, to apply the necessary fixes.

References:
  • Talkback Resources: Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
  • The Hacker News: Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
  • BleepingComputer: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitigations as soon as possible.
  • securityaffairs.com: U.S. CISA adds Langflow flaw to its Known Exploited Vulnerabilities catalog
  • www.scworld.com: Critical 9.8 Langflow RCE bug added to CISA vulnerability list
  • gbhackers.com
  • www.csoonline.com: Critical flaw in AI agent dev tool Langflow under active exploitation
  • www.helpnetsecurity.com: A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has confirmed by adding it to its Known Exploited Vulnerabilities (KEV) catalog.
  • www.bleepingcomputer.com: Critical Langflow RCE flaw exploited to hack AI app servers
Classification:
  • HashTags: #Langflow #AIworkflows #CVE-2025-3248
  • Company: Langflow
  • Target: Langflow Users
  • Product: Langflow
  • Feature: remote code execution
  • Malware: CVE-2025-3248
  • Type: 0Day
  • Severity: Critical