Langflow | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. "Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware," Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed Ibrahim, Sunil Bharti, and Shubham Singh said in a technical report published today. The activity entails the exploitation of CVE-2025-3248 (CVSS score: 9.8), a missing authentication vulnerability in Langflow , a Python-based "visual framework" for building artificial intelligence (AI) applications. Successful exploitation of the flaw could enable unauthenticated attackers to execute arbitrary code via crafted HTTP requests. It was patched by Langflow in March 2025 with version 1.3.0. Last month, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) flagg...

A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities ( KEV ) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-3248 , carries a CVSS score of 9.8 out of a maximum of 10.0. "Langflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests," CISA said. Specifically, the endpoint has been found to improperly invoke Python's built-in exec() function on user-supplied code without adequate authentication or sandboxing, thereby allowing attackers to execute arbitrary commands on the server. The shortcoming, which affects most versions of the popular tool, has been addressed in version 1.3.0 released on March 31, 2025. Horizon3.ai has been credited with...