Key Findings

* Critical remote code execution vulnerability in Langflow (CVE-2026-33017)

* CVSS score: 9.3

* Exploited within 20 hours of advisory publication

* Allows unauthenticated remote code execution via API endpoint

* Affects all Langflow versions prior to 1.8.1

* Attackers can execute arbitrary Python code with full server privileges

* Observed exploitation includes credential harvesting and potential supply chain compromise

Background

Langflow, an open-source AI platform, was discovered to have a critical security vulnerability that allows threat actors to execute arbitrary code without authentication. The flaw exists in the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint, which permits building public flows without proper access controls.

Technical Details

The vulnerability stems from the endpoint's ability to accept an optional data parameter that can contain arbitrary Python code. When this parameter is supplied, the code is passed directly to exec() without any sandboxing, creating a direct path to remote code execution.

Exploitation Mechanism

Attackers can trigger the vulnerability through a single HTTP POST request containing malicious Python code in the JSON payload. This allows immediate remote code execution with the full privileges of the server process, enabling actions such as:

* Reading environment variables

* Accessing and modifying files

* Injecting backdoors

* Obtaining reverse shells

Observed Attack Patterns

Threat actors have been seen:

* Scanning for vulnerable Langflow instances

* Extracting data from "/etc/passwd"

* Harvesting credentials

* Enumerating configuration files and databases

* Preparing staged payloads for further compromise

Mitigation Recommendations

* Update to Langflow version 1.9.0.dev8 or later

* Immediately patch all vulnerable instances

* Implement additional authentication and input validation

* Monitor for unauthorized API access

* Review and restrict API endpoint permissions

Broader Context

The rapid exploitation of this vulnerability aligns with an accelerating trend of quickly weaponized security flaws. The median time-to-exploit has dramatically decreased from 771 days in 2018 to just hours in 2024, presenting significant challenges for organizational cybersecurity defenses.

Sources

• https://thehackernews.com/2026/03/critical-langflow-flaw-cve-2026-33017.html

• https://x.com/shah_sheikh/status/2035027761694175317

• https://x.com/TheHackersNews/status/2035012683536445478

• https://x.com/TheCyberSecHub/status/2035028141392195904

• https://www.reddit.com/r/InfoSecNews/comments/1rz39r9/critical_langflow_flaw_cve202633017_triggers/