PatchSiren cyber security CVE debrief

CVE-2026-34046 Langflow CVE debrief

CVE-2026-34046 is a high-severity access-control vulnerability in Langflow. Before version 1.5.1, the `_read_flow` helper could return a flow by UUID without enforcing ownership when authentication was enabled, allowing an authenticated user to access other users' flows. The reported impact includes reading embedded plaintext API keys, modifying another user's AI agents, and deleting other users' flows. The fix in 1.5.1 removes the `AUTO_LOGIN` branch and always scopes the lookup to the requesting user.

CVE: CVE-2026-34046
Vendor: Langflow
Product: Langflow
CVSS: 8.7 (HIGH)
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-27
Original CVE updated: 2026-05-11
Advisory published: 2026-03-27
Advisory updated: 2026-05-11

Who should care

Langflow administrators and operators, especially in multi-user or internet-facing deployments; developers who store secrets inside flows; and security teams responsible for access control, secret handling, and upgrade planning. Systems running Langflow versions prior to 1.5.1 should treat this as urgent.

Technical summary

The flaw is a server-side object authorization failure (an insecure direct object reference) in `src/backend/base/langflow/api/v1/flows.py`. The `_read_flow` helper branched on the `AUTO_LOGIN` setting, and with authentication enabled neither path restricted the lookup to the caller's `user_id`, so any valid flow UUID returned the flow regardless of who owned it. NVD maps the issue to CWE-639 (Authorization Bypass Through User-Controlled Key) and CWE-862 (Missing Authorization), and lists affected Langflow releases prior to 1.5.1 (with additional affected langflow-base criteria through 0.5.1). Version 1.5.1 corrects the logic by removing the `AUTO_LOGIN` branch and applying the requester's `user_id` scope unconditionally.
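The bug class and its fix, as an added example for this debrief rather than Langflow's own code. It stands in for `_read_flow` with plain sqlite3 and a constructed `flows` table; the `auto_login` parameter and the user names are assumptions that model the branch described above, not the exact original control flow. The point it shows is the difference between a lookup path with no owner predicate and one where the owner predicate is unconditional, and why the same scope belongs on the mutating paths too.

```python
"""Owner-scoped flow lookup: the vulnerable shape beside the fixed one.

Added example, not Langflow's code. sqlite3 replaces Langflow's SQLModel
layer; the `auto_login` flag is an assumption standing in for the
AUTO_LOGIN branch in the vulnerable helper.
"""
import sqlite3
from typing import Optional, Tuple

# Constructed identifiers for the sample data.
ALICE_FLOW = "11111111-1111-4111-8111-111111111111"
BOB_FLOW = "22222222-2222-4222-8222-222222222222"

Row = Tuple[str, str, str]  # (id, user_id, data)


def make_db() -> sqlite3.Connection:
    """Two users, one flow each; Alice's flow embeds a constructed API key."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE flows (id TEXT PRIMARY KEY, user_id TEXT NOT NULL, data TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO flows VALUES (?, ?, ?)",
        [
            (ALICE_FLOW, "alice", '{"openai_api_key": "sk-CONSTRUCTED-alice"}'),
            (BOB_FLOW, "bob", '{"note": "bob flow"}'),
        ],
    )
    return conn


def read_flow_vulnerable(
    conn: sqlite3.Connection, flow_id: str, user_id: str, auto_login: bool
) -> Optional[Row]:
    """Vulnerable shape: one branch keys the lookup on the flow id alone.

    A caller who knows, guesses or enumerates a UUID gets the row whoever
    owns it. The branch condition is the bug, not the SQL itself.
    """
    if auto_login:
        sql = "SELECT id, user_id, data FROM flows WHERE id = ?"
        params: tuple = (flow_id,)
    else:
        sql = "SELECT id, user_id, data FROM flows WHERE id = ? AND user_id = ?"
        params = (flow_id, user_id)
    return conn.execute(sql, params).fetchone()


def read_flow_fixed(conn: sqlite3.Connection, flow_id: str, user_id: str) -> Optional[Row]:
    """Fixed shape: the owner predicate is applied on every path.

    'Not found' and 'not yours' both come back as None, so the endpoint
    does not confirm to a non-owner that a foreign UUID exists.
    """
    return conn.execute(
        "SELECT id, user_id, data FROM flows WHERE id = ? AND user_id = ?",
        (flow_id, user_id),
    ).fetchone()


def delete_flow_fixed(conn: sqlite3.Connection, flow_id: str, user_id: str) -> int:
    """Same scope on a mutating path; returns the number of rows deleted."""
    cur = conn.execute(
        "DELETE FROM flows WHERE id = ? AND user_id = ?", (flow_id, user_id)
    )
    conn.commit()
    return cur.rowcount


def demo() -> dict:
    """Bob, authenticated, targets Alice's flow id under each implementation."""
    conn = make_db()
    leaked = read_flow_vulnerable(conn, ALICE_FLOW, "bob", auto_login=True)
    blocked = read_flow_fixed(conn, ALICE_FLOW, "bob")
    own = read_flow_fixed(conn, ALICE_FLOW, "alice")
    deleted = delete_flow_fixed(conn, ALICE_FLOW, "bob")
    return {
        "vulnerable_leaks_key": leaked is not None and "sk-" in leaked[2],
        "fixed_blocks_cross_user": blocked is None,
        "fixed_serves_owner": own is not None and own[1] == "alice",
        "fixed_delete_by_non_owner": deleted,
    }


if __name__ == "__main__":
    print(demo())
```

Putting the owner check into the query rather than fetching by id and comparing afterwards keeps the check atomic and means a non-owner sees the same response as for a nonexistent id, which matters when flow UUIDs may already have leaked through other channels.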

Defensive priority

High: prioritize immediate upgrade, secret review, and verification of flow ownership controls.

Recommended defensive actions

  • Upgrade Langflow to version 1.5.1 or later.
  • If you use langflow-base, ensure you are on a version outside the vulnerable range listed by NVD (through 0.5.1).
  • Review stored flows for embedded credentials or other secrets and rotate any exposed API keys or tokens.
  • Check access logs and recent flow changes for unauthorized reads, edits, or deletions.
  • Restrict access to affected instances until remediation is complete, especially in multi-user deployments.
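One way to carry out the log review step above, as an added example and not a Langflow tool. Langflow's own log format is not assumed: the lines below are a constructed reverse-proxy style access log that already carries the authenticated username, and the ownership map is the constructed equivalent of a flows table export. It joins successful requests to `/api/v1/flows/{uuid}` against current ownership and reports requests by a user who does not own the flow, treating mutating methods as the higher-priority finding and keeping accesses to ids with no current owner visible, since a flow the attacker deleted is no longer in the ownership map.

```python
"""Retrospective check for cross-user flow access in request logs.

Added example for this debrief, not Langflow code. Log format, usernames,
and ownership data are constructed; findings are candidates to investigate,
not proof of exploitation.
"""
import re
from typing import Dict, List

# Assumed log shape: ISO timestamp, authenticated user, method, path, status.
FLOW_LINE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) method=(?P<method>[A-Z]+) "
    r"path=/api/v1/flows/(?P<flow_id>[0-9a-f-]{36})(?:\?\S*)? status=(?P<status>\d{3})$"
)

# Constructed: flow id -> current owner, as exported from the flows table.
OWNERS: Dict[str, str] = {
    "11111111-1111-4111-8111-111111111111": "alice",
    "22222222-2222-4222-8222-222222222222": "bob",
}

# Constructed sample log. Lines 3, 4 and 5 are the ones worth a look.
SAMPLE_LOG = """\
2026-03-28T09:00:01Z user=alice method=GET path=/api/v1/flows/11111111-1111-4111-8111-111111111111 status=200
2026-03-28T09:00:09Z user=bob method=GET path=/api/v1/flows/22222222-2222-4222-8222-222222222222 status=200
2026-03-28T09:01:12Z user=bob method=GET path=/api/v1/flows/11111111-1111-4111-8111-111111111111 status=200
2026-03-28T09:01:30Z user=bob method=DELETE path=/api/v1/flows/11111111-1111-4111-8111-111111111111 status=200
2026-03-28T09:01:45Z user=bob method=GET path=/api/v1/flows/33333333-3333-4333-8333-333333333333 status=200
2026-03-28T09:02:00Z user=carol method=GET path=/api/v1/flows/44444444-4444-4444-8444-444444444444 status=404
2026-03-28T09:02:05Z user=alice method=GET path=/api/v1/flows/ status=200
"""

MUTATING = {"PATCH", "PUT", "DELETE", "POST"}


def find_cross_user_access(log_text: str, owners: Dict[str, str]) -> List[dict]:
    """Return one finding per successful request to a flow the caller does not own."""
    findings: List[dict] = []
    for line in log_text.splitlines():
        m = FLOW_LINE.match(line)
        if not m:
            continue  # list endpoint, other routes, malformed lines
        if not m.group("status").startswith("2"):
            continue  # no data returned; a 404 burst is enumeration noise, reviewed separately
        user, flow_id, method = m.group("user"), m.group("flow_id"), m.group("method")
        owner = owners.get(flow_id)
        if owner == user:
            continue
        findings.append(
            {
                "ts": m.group("ts"),
                "user": user,
                "method": method,
                "flow_id": flow_id,
                # None means the flow no longer exists; it may have been deleted.
                "owner": owner,
                "priority": "high" if method in MUTATING or owner is None else "medium",
            }
        )
    # Mutations and orphaned ids first, then by time, so the triage order is stable.
    findings.sort(key=lambda f: (f["priority"] != "high", f["ts"]))
    return findings


def summarize(findings: List[dict]) -> Dict[str, int]:
    """Count findings per requesting user, for a quick view of who to look at first."""
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f["user"]] = counts.get(f["user"], 0) + 1
    return counts


if __name__ == "__main__":
    for f in find_cross_user_access(SAMPLE_LOG, OWNERS):
        print(f)
    print(summarize(find_cross_user_access(SAMPLE_LOG, OWNERS)))
```

Run it against the ownership snapshot taken before remediation if one exists; a snapshot taken after the attacker's deletions will report those flows only as accesses to an unknown id, which is why the example keeps them rather than dropping them as unmatched.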

Evidence notes

The supplied source corpus ties this CVE to the GitHub security advisory and patch PR referenced by NVD. NVD marks the record analyzed, assigns CVSS 8.7/HIGH, and lists CWE-639 and CWE-862. The provided dates indicate the CVE was published on 2026-03-27 and modified on 2026-05-11. No KEV entry is present in the supplied data.

Official resources

Publicly disclosed on 2026-03-27, which is the CVE published date provided in the source data. NVD later updated the record on 2026-05-11.