Which versions of Langflow are affected by EUVD-2026-23745?

Langflow versions up to 1.1.0 contain an unauthenticated file upload vulnerability enabling remote code execution and data compromise without user credentials.. A patch is available.

Is there a public PoC exploit available for EUVD-2026-23745?

Yes, a public proof-of-concept exploit is available for EUVD-2026-23745. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate EUVD-2026-23745?

Within 24 hours: identify all Langflow deployments and document versions in use; isolate any instances running versions ≤1.1.0 from production networks if upgrading is not immediately feasible. Within 7 days: upgrade to Langflow version 1.2.0 or later (verify vendor release notes for remediation confirmation); if upgrade blocked by dependencies, implement network-level access controls restricting the create_upload_file API endpoint to internal networks only. Within 30 days: conduct code review of any files uploaded during exposure window and verify no unauthorized code execution occurred; establish monitoring for POST requests to /api/upload or equivalent endpoints.

Langflow EUVD-2026-23745

Q: What is the CVSS score of EUVD-2026-23745?

EUVD-2026-23745 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

| CVE-2026-6596 MEDIUM

Unrestricted Upload of File with Dangerous Type (CWE-434)

2026-04-20 VulDB

GHSA-vvfc-fp59-m92g

File Upload Langflow

5.5

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

5.5 MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

CVSS changed

Apr 29, 2026 - 01:12 NVD

6.9 (MEDIUM) 5.5 (MEDIUM)

PoC Detected

Apr 29, 2026 - 01:00 vuln.today

Public exploit code

Severity Changed

Apr 20, 2026 - 03:22 NVD

HIGH MEDIUM

CVSS changed

Apr 20, 2026 - 03:22 NVD

7.3 (HIGH) 6.9 (MEDIUM)

Analysis Generated

Apr 20, 2026 - 02:49 vuln.today

EUVD ID Assigned

Apr 20, 2026 - 02:45 euvd

EUVD-2026-23745

Analysis Generated

Apr 20, 2026 - 02:45 vuln.today

CVE Published

Apr 20, 2026 - 02:15 nvd

MEDIUM 5.5

DescriptionCVE.org

A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Unrestricted file upload in Langflow (langflow-ai) versions up to 1.1.0 allows remote unauthenticated attackers to upload arbitrary files via the create_upload_file API endpoint, potentially leading to remote code execution, data manipulation, and service disruption. Publicly available exploit code exists (CVSS:3.1 E:P) with GIST-hosted POC, elevating immediate risk. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon

Identify exposed Langflow API endpoint

Delivery

Craft malicious file upload request

Exploit

POST to /api/v1/create_upload_file

Install

Upload malicious .py file

Trigger execution via workflow or direct access

Execute

Execute arbitrary code as application user

Impact

Establish persistence or exfiltrate data