A critical unauthenticated remote code execution vulnerability in Langflow was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog after evidence of active exploitation emerged. Langflow is an open-source Python tool that organizations use to visually build and deploy AI agents through a web interface and API; the flaw leaves more than 500 internet-facing instances, along with countless internal deployments, open to hostile actors. By abusing CVE-2025-3248, an attacker can execute arbitrary code on an exposed server without any authentication, which can lead to full system compromise, data theft, ransomware deployment, or pivoting to deeper network resources. Because Langflow is widely used to automate sensitive workflows, the flaw poses an immediate threat to intellectual property, customer records, and operational continuity across both public and private sector environments. Left unpatched, it would allow adversaries to manipulate or leak proprietary AI models, harvest credentials, disrupt services, and undermine trust in critical automation pipelines. CISA’s inclusion of the vulnerability in its KEV catalog underscores the urgent need to patch in order to prevent widespread damage to organizational integrity and to the broader digital infrastructure that relies on Langflow.
Record metadata:
id: 353844050725
linkid: langflow
type: Vulnerability
date: 5/2025
severity: 100
impact: 5
explanation: Attack threatening the organization’s existence