Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with RCE access can invoke the internal CLI command langflow superuser to create a new administrative user. This results in full superuser access, even if the user initially registered through the UI as a regular (non-admin) account. A patched version has not been made public at this time.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Secondary | 3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Hyperlink | Source | Resource |
|---|---|---|
| http://github.com/langflow-ai/langflow/pull/9152 | security-advisories@github.com | Patch |
| https://github.com/langflow-ai/langflow/commit/c188ec113c9ca46154ad01d0eded1754cc6bef97 | security-advisories@github.com | Patch |
| https://github.com/langflow-ai/langflow/security/advisories/GHSA-4gv9-mp8m-592r | security-advisories@github.com | Third Party Advisory |