PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-48520 langflow-ai CVE debrief

CVE-2026-48520 is a medium-severity vulnerability in Langflow, the builder for AI-powered agents and workflows. Prior to version 1.10.0, the 'Shareable Playground' feature (also called 'Public Flows') lets a flow be executed publicly, without authentication, and that public execution can be turned into arbitrary file reads: an attacker can include a list of files to be read by Langflow and fed into the LLM. The issue is fixed in version 1.10.0. Langflow operators should upgrade to that release or later and, until they do, review which flows are shared publicly and unshare any that are not meant to be.

Vendor
langflow-ai
Product
langflow
CVSS
MEDIUM 6.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-23
Original CVE updated
2026-06-26
Advisory published
2026-06-23
Advisory updated
2026-06-26

Who should care

Anyone running Langflow (operators, administrators and the security teams covering them) should be aware of this vulnerability, especially where instances expose flows through the Shareable Playground. Those using Langflow for AI-powered agents and workflows should assess their exposure: confirm the installed version, update to 1.10.0 or later, and review which flows are public and what those flows can read.

Technical summary

CVE-2026-48520 is a vulnerability in Langflow's 'Shareable Playground' feature. Prior to version 1.10.0, making a flow public allows public execution, which can lead to arbitrary file reads: an attacker can include a list of files to be read by Langflow and fed into the LLM, so the file contents end up in the model's input and, from there, in the flow's output. The vulnerability has a CVSS score of 6.1 (medium). The CVSS vector is CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N, which reads as: reachable over the network, high attack complexity, no privileges required, user interaction required, changed scope, and high confidentiality impact with no integrity or availability impact. In practice that means an unauthenticated remote attacker can read files but not modify them or disrupt the service, and some action by a legitimate user is part of the attack path; the high-complexity and user-interaction factors are what keep the score in the medium band despite the high confidentiality impact.

Defensive priority

Defenders should prioritize updating Langflow to version 1.10.0 or later. Until the upgrade is done, reviewing flow configurations and ensuring only authorized flows are made public is the main compensating control, since the vulnerable path starts with a public flow.

Recommended defensive actions

  • Update Langflow to version 1.10.0 or later (the fixed release)
  • Audit which flows are currently shared through the Shareable Playground / Public Flows and unshare any that do not need to be public
  • Treat making a flow public as a privileged change: only authorized flows, reviewed for components that read files, should be exposed
  • Monitor Langflow logs and public-flow executions for unexpected file access
  • Run Langflow with least privilege on the filesystem (a dedicated service account that cannot read secrets, keys or other users' data) so that a file-read primitive yields as little as possible
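The first three actions above boil down to two checks an operator can script: is the installed version at or past the fixed release, and which flows are currently public (and do any of them contain a file-reading component). The script below is an added example, not Langflow's own code or anything from the advisory. It assumes a flow listing in the shape of Langflow's GET /api/v1/flows/ response, a JSON list of flow objects carrying an "access_type" field with the value "PUBLIC" or "PRIVATE" and a "data" object whose "nodes" name their component under "data" -> "type"; those field names, the endpoint and the x-api-key header are assumptions about the Langflow API and should be checked against your instance. The flagging of node types containing "file" is a heuristic, and the sample flow list is constructed for the example.

```python
"""Offline audit helper for CVE-2026-48520 (Langflow public flows).

Added example, not Langflow project code. Field names, endpoint and
header are assumptions about the Langflow API; verify on your instance.
"""
import json
import re
import urllib.request

FIXED_VERSION = "1.10.0"  # fixed release named in the advisory


def parse_version(text):
    """Turn '1.9.3' or '1.10.0rc1' into a comparable tuple of ints.

    Pre-release suffixes are dropped, so 1.10.0rc1 compares like 1.10.0;
    treat a pre-release build as 'verify by hand'. A tuple is used rather
    than string comparison because '1.2.0' > '1.10.0' lexicographically.
    """
    parts = []
    for piece in text.strip().split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group(0)) if m else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_fixed(installed):
    """True if the installed Langflow version is at or above FIXED_VERSION."""
    return parse_version(installed) >= parse_version(FIXED_VERSION)


def node_types(flow):
    """Collect the component type of every node in a flow's graph.

    Assumes the graph lives under data.nodes and each node names its
    component under data.type (assumed export format).
    """
    nodes = (flow.get("data") or {}).get("nodes") or []
    return [str((n.get("data") or {}).get("type", "")) for n in nodes]


def public_flows(flows):
    """Return the flows whose access_type marks them as publicly runnable."""
    return [f for f in flows if str(f.get("access_type", "")).upper() == "PUBLIC"]


def audit(installed_version, flows, file_keywords=("file",)):
    """Produce findings for one instance: version status plus public flows.

    file_keywords is a heuristic (an assumption): node types containing
    'file' are flagged because the advisory describes file reads fed into
    the LLM. Flagged flows still need a human review.
    """
    findings = {
        "version": installed_version,
        "fixed": is_fixed(installed_version),
        "public_flows": [],
    }
    for flow in public_flows(flows):
        types = node_types(flow)
        flagged = [t for t in types if any(k in t.lower() for k in file_keywords)]
        findings["public_flows"].append(
            {"id": flow.get("id"), "name": flow.get("name"), "file_components": flagged}
        )
    return findings


def fetch_flows(base_url, api_key, timeout=10):
    """Pull the flow list from a live instance (not exercised offline).

    Assumes the GET /api/v1/flows/ endpoint and the x-api-key header.
    """
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/v1/flows/",
        headers={"x-api-key": api_key, "Accept": "application/json"},
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


# Constructed sample flow list (not real data) in the assumed API shape.
SAMPLE_FLOWS = json.loads("""
[
  {"id": "f1", "name": "support-bot", "access_type": "PUBLIC",
   "data": {"nodes": [{"data": {"type": "File"}}, {"data": {"type": "OpenAIModel"}}]}},
  {"id": "f2", "name": "internal-rag", "access_type": "PRIVATE",
   "data": {"nodes": [{"data": {"type": "File"}}]}},
  {"id": "f3", "name": "demo", "access_type": "PUBLIC",
   "data": {"nodes": [{"data": {"type": "ChatInput"}}]}}
]
""")

if __name__ == "__main__":
    # On a real instance: flows = fetch_flows("http://localhost:7860", "<api key>")
    print(json.dumps(audit("1.9.3", SAMPLE_FLOWS), indent=2))
```

Against the sample, a 1.9.3 install is reported as unfixed and two flows (f1 and f3) as public, with f1 flagged for its File component; the private internal-rag flow is not listed even though it also reads files, which is the point: the advisory's exposure is public execution, so the public flag is the first filter and the file component the second.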

Evidence notes

The vulnerability is confirmed by the Langflow security advisory (GHSA-rcjh-r59h-gq37). The CVE record and NVD detail provide additional information on the vulnerability. The source item URL provides further context on the CVE record.

Official resources

This article is AI-assisted and based on the supplied source corpus.