Severity by source
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Physical access required (AV:P) for shared-browser exploitation; no attacker credentials needed (PR:N); full session hijack yields high C and I with no availability impact.
Primary rating from Vendor (https://github.com/langflow-ai/langflow).
CVSS VectorVendor: https://github.com/langflow-ai/langflow
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
Summary
The logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in.
Details
Not in auto login mode. Hosted on localhost. access_token_lf remains present in both Local Storage and Cookies. refresh_token_lf remains present in Cookies.
Root cause: the /logout endpoint deleted the authentication cookies without matching the original httponly/samesite/secure/domain parameters, so the browser kept them; additionally the frontend did not clear the auth cookies on logout.
LANGFLOW_AUTO_LOGIN: "False"
LANGFLOW_SUPERUSER: <set>
LANGFLOW_SUPERUSER_PASSWORD: <set>
LANGFLOW_SECRET_KEY: <set>
LANGFLOW_NEW_USER_IS_ACTIVE: "False"
LANGFLOW_ENABLE_SUPERUSER_CLI: "False"PoC
Click Logout. Hit refresh to return to previous screen.
Impact
Users on shared computers may falsely believe they have terminated their session.
Patches
Fixed in 1.7.0 (PRs #10527 and #10528). The logout endpoint now deletes the auth cookies using the same parameters they were created with, and the frontend clears the auth cookies on logout. Upgrade to 1.7.0 or later.
AnalysisAI
Incomplete session termination in Langflow (pip/langflow < 1.7.0) leaves authentication cookies active after logout on shared machines, allowing any subsequent browser user to resume the previous session without credentials. The /logout endpoint issued cookie-deletion calls without matching the httponly, samesite, secure, and domain attributes used at cookie creation, causing browsers to silently ignore the deletion; the frontend compounded this by also failing to clear access_token_lf and refresh_token_lf from storage. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Physical or local browser access to a machine where a prior Langflow user clicked Logout is required (CVSS AV:P). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The NVD-assigned CVSS vector of CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N (6.1 Medium) is consistent with the described attack surface: exploitation requires physical or browser-level access to the victim's device (AV:P), which substantially limits scope compared to network-exploitable session flaws. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | On a shared workstation running Langflow in non-auto-login mode, User A authenticates, works within the application, and clicks the Logout button believing their session has ended. Because the cookie deletion request omits the original cookie attributes, the browser retains `access_token_lf` and `refresh_token_lf`. … |
| Remediation | Upgrade Langflow to version 1.7.0 or later via `pip install --upgrade langflow`; the advisory states 1.7.0 as the fix release, though package metadata suggests 1.7.1 - upgrading to the latest available release eliminates ambiguity. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-613 – Insufficient Session Expiration
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38516
GHSA-7hw8-6q6r-4276