Langflow: CISA adds Langflow Vulnerability to Known Exploited Vulnerabilities Catalog

Critical Langflow Vulnerability Exploited in the Wild, Added to CISA KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-34291, a severe vulnerability in Langflow, to its Known Exploited Vulnerabilities (KEV) Catalog after confirming active exploitation. The flaw, classified as an origin validation error (CWE-346), enables unauthenticated attackers to execute arbitrary code and achieve full system compromise.

Affected software includes Langflow, an open-source visual framework widely used for building AI-powered application workflows. The vulnerability stems from two settings that are individually tolerable but dangerous together: an overly permissive Cross-Origin Resource Sharing (CORS) configuration and a refresh token cookie issued with SameSite=None. Together they let an attacker's web page bypass the browser's same-origin protections.

Exploitation is a browser-based cross-origin attack: a victim who is logged in to a Langflow instance visits an attacker-controlled page, and the browser attaches the SameSite=None refresh token cookie to that page's cross-origin requests. Because the CORS policy accepts the foreign origin and allows credentials, the attacker's script can read the responses and obtain a valid session token. With that token, the attacker calls authenticated API endpoints, escalates privileges, and executes code with the permissions of the Langflow service, which often runs with elevated system access.

CISA added CVE-2025-34291 to the KEV Catalog on May 21, 2026, setting a federal remediation deadline of June 4, 2026, for agencies under Binding Operational Directive (BOD) 22-01. While federal entities must comply, private-sector organizations using Langflow in AI development or production are urged to prioritize patching due to the high risk of remote code execution (RCE).

Mitigation steps include applying vendor patches, restricting CORS to trusted origins, reconfiguring session cookies to avoid SameSite=None, and discontinuing use of vulnerable versions if no immediate fixes are available. The flaw’s technical simplicity and potential for widespread impact make it a critical concern for exposed deployments.
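The two paragraphs above describe the attack precondition (a SameSite=None refresh cookie plus credentialed CORS that accepts a foreign origin) and the fix (allow-list origins, drop SameSite=None). The script below is an added example, not Langflow's own code or configuration: it models the browser's two decisions (does the cookie travel cross-site, can the attacker's script read the response), applies them to a constructed vulnerable response beside a hardened one, and includes a live `probe()` that a practitioner can point at a test instance. The origins, cookie name and header values are assumptions made up for illustration.

```python
"""Offline check for the CORS + SameSite=None refresh-cookie combination.

Added example, not Langflow's code. It models how a browser decides whether
a cross-origin request from an attacker page carries the victim's refresh
cookie and whether the attacker's script may read the response. All header
and cookie values below are constructed for the example.
"""
from http.cookies import SimpleCookie

ATTACKER_ORIGIN = "https://attacker.example"               # hypothetical attacker page
TRUSTED_ORIGINS = {"https://langflow.internal.example"}   # hypothetical allow-list


def cookies_sent_cross_site(set_cookie_headers):
    """Names of cookies a browser would attach to a cross-site fetch().

    Assumes Chromium's Lax-by-default rule: a cookie without SameSite is
    treated as Lax and is NOT sent on cross-site XHR/fetch; only
    SameSite=None (which must also be Secure) is sent.
    """
    sent = []
    for raw in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(raw)
        for name, morsel in jar.items():
            if morsel["samesite"].lower() == "none" and morsel["secure"]:
                sent.append(name)
    return sent


def response_readable_cross_origin(headers, origin=ATTACKER_ORIGIN):
    """True if script on `origin` could read a credentialed cross-origin response.

    Browsers expose the body only when Access-Control-Allow-Origin echoes the
    exact origin AND Access-Control-Allow-Credentials is 'true'; a literal '*'
    is rejected for credentialed requests.
    """
    h = {k.lower(): v for k, v in headers.items()}
    return (h.get("access-control-allow-credentials", "").lower() == "true"
            and h.get("access-control-allow-origin") == origin)


def assess(headers, set_cookie_headers, origin=ATTACKER_ORIGIN):
    """The attack needs both: the refresh cookie must travel cross-site and
    the refreshed credential in the response must be readable."""
    leaked = cookies_sent_cross_site(set_cookie_headers)
    readable = response_readable_cross_origin(headers, origin)
    return {"cookies_sent_cross_site": leaked,
            "response_readable": readable,
            "exploitable": bool(leaked) and readable}


def hardened_headers(request_origin, allowlist=TRUSTED_ORIGINS):
    """Server-side fix: echo Origin only when allow-listed, never '*' with
    credentials, and issue the refresh cookie with SameSite=Lax so a
    cross-site fetch never carries it. Returns (headers, set_cookie_headers)."""
    headers = {"Vary": "Origin"}  # stop caches replaying a per-origin answer
    if request_origin in allowlist:
        headers["Access-Control-Allow-Origin"] = request_origin
        headers["Access-Control-Allow-Credentials"] = "true"
    cookies = ["refresh_token=r1; Path=/; HttpOnly; Secure; SameSite=Lax"]
    return headers, cookies


def probe(base_url, origin=ATTACKER_ORIGIN):
    """Live check (not run on import): send one GET with a foreign Origin and
    feed the real response headers to assess(). A 401/403 still carries the
    CORS and Set-Cookie headers we care about, so it is inspected too."""
    import urllib.error
    import urllib.request
    req = urllib.request.Request(base_url, headers={"Origin": origin})
    try:
        resp = urllib.request.urlopen(req, timeout=10)
    except urllib.error.HTTPError as err:
        resp = err
    headers = dict(resp.headers.items())
    cookies = resp.headers.get_all("Set-Cookie") or []
    resp.close()
    return assess(headers, cookies, origin)


# Constructed weak configuration: origin reflected verbatim, credentials
# allowed, refresh cookie marked SameSite=None.
VULNERABLE_HEADERS = {"Access-Control-Allow-Origin": ATTACKER_ORIGIN,
                      "Access-Control-Allow-Credentials": "true"}
VULNERABLE_COOKIES = ["refresh_token=r0; Path=/; HttpOnly; Secure; SameSite=None"]

if __name__ == "__main__":
    print("vulnerable:", assess(VULNERABLE_HEADERS, VULNERABLE_COOKIES))
    h, c = hardened_headers(ATTACKER_ORIGIN)
    print("hardened:  ", assess(h, c))
```

Note that `hardened_headers` still returns credentialed CORS for an allow-listed origin; the point is that the attacker origin gets neither an echoed Access-Control-Allow-Origin nor a cookie the browser would attach, so either fix alone breaks the chain and both together leave no single point of failure.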

Source: https://cyberpress.org/langflow-known-exploited-vulnerabilities/

Langflow TPRM report: https://www.rankiteo.com/company/langflow

"id": "lan1779452952",
"linkid": "langflow",
"type": "Vulnerability",
"date": "5/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'AI/Technology',
                        'name': 'Langflow',
                        'type': 'Open-source software'}],
 'attack_vector': 'Browser-based cross-origin attack',
 'date_publicly_disclosed': '2026-05-21',
 'description': 'The U.S. Cybersecurity and Infrastructure Security Agency '
                '(CISA) has added CVE-2025-34291, a severe vulnerability in '
                'Langflow, to its Known Exploited Vulnerabilities (KEV) '
                'Catalog after confirming active exploitation. The flaw '
                'enables unauthenticated attackers to execute arbitrary code '
                'and achieve full system compromise due to an origin '
                'validation error (CWE-346). Exploitation occurs via a '
                'browser-based cross-origin attack, allowing attackers to '
                'bypass security controls and escalate privileges.',
 'impact': {'operational_impact': 'Full system compromise, remote code '
                                  'execution',
            'systems_affected': 'Langflow instances'},
 'post_incident_analysis': {'corrective_actions': 'Vendor patches, CORS '
                                                  'restrictions, session '
                                                  'cookie reconfiguration',
                            'root_causes': 'Overly permissive CORS '
                                           'configuration, SameSite=None '
                                           'refresh token cookie'},
 'recommendations': 'Prioritize patching, restrict CORS to trusted origins, '
                    'reconfigure session cookies, discontinue use of '
                    'vulnerable versions if no immediate fixes are available',
 'references': [{'source': 'CISA KEV Catalog'}],
 'regulatory_compliance': {'regulatory_notifications': 'CISA KEV Catalog '
                                                       'addition, Binding '
                                                       'Operational Directive '
                                                       '(BOD) 22-01'},
 'response': {'containment_measures': 'Apply vendor patches, restrict CORS to '
                                      'trusted origins, reconfigure session '
                                      'cookies to avoid SameSite=None, '
                                      'discontinue use of vulnerable versions '
                                      'if no immediate fixes are available',
              'remediation_measures': 'Vendor patches, CORS restrictions, '
                                      'session cookie reconfiguration'},
 'stakeholder_advisories': 'Federal agencies must comply with remediation '
                           'deadline of June 4, 2026; private-sector '
                           'organizations urged to prioritize patching',
 'title': 'Critical Langflow Vulnerability Exploited in the Wild, Added to '
          'CISA KEV Catalog',
 'type': 'Remote Code Execution (RCE)',
 'vulnerability_exploited': 'CVE-2025-34291 (Origin Validation Error - '
                            'CWE-346)'}