Skip to main content

Langflow-AI Langflow CVE-2026-7687

| EUVDEUVD-2026-26825 LOW
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)
2026-05-03 cna@vuldb.com
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Analysis Generated
May 03, 2026 - 09:31 vuln.today
EUVD ID Assigned
May 03, 2026 - 09:22 euvd
EUVD-2026-26825
Analysis Generated
May 03, 2026 - 09:22 vuln.today
CVE Published
May 03, 2026 - 09:16 nvd
LOW 2.1

DescriptionCVE.org

A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parse_callable_details of the file src/lfx/src/lfx/custom/code_parser/code_parser.py of the component Full Builtins Module Handler. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Command injection in Langflow up to version 1.8.4 allows authenticated remote attackers to execute arbitrary commands through the CodeParser.parse_callable_details function in the Full Builtins Module Handler component. The vulnerability has been publicly disclosed with exploit code available, affecting the code parsing functionality with limited confidentiality, integrity, and availability impact. The vendor did not respond to early disclosure notification.

Technical ContextAI

The vulnerability exists in the CodeParser.parse_callable_details function within src/lfx/src/lfx/custom/code_parser/code_parser.py of the Full Builtins Module Handler component. CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component) indicates insufficient sanitization of user-controlled input before passing it to a command execution context. The code parser likely evaluates or executes dynamically generated code without proper escaping or validation of special shell metacharacters, enabling command injection when processing callable details.

RemediationAI

Upgrade Langflow to a version released after 1.8.4. The vendor did not provide a public advisory or explicit patch version number in available intelligence; check the official Langflow GitHub repository (https://github.com/langflow-ai/langflow) for the next available release. As an interim control, restrict network access to the Langflow instance to trusted authenticated users only, and implement input validation to block shell metacharacters (backticks, pipes, semicolons, ampersands, parentheses) from being passed to CodeParser.parse_callable_details. Disable or restrict the Full Builtins Module Handler if it is not required for your use case. Monitor authentication logs for unusual access patterns from low-privilege accounts.

Share

CVE-2026-7687 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy