CVE-2026-5027 — Langflow: unauthenticated path traversal to arbitrary file write, exploited in the wild
From CTI Daily Brief — 2026-06-11 · published 2026-06-11 · view item permalink →
CVE-2026-5027 (CVSS 8.8, CWE-22) is a path-traversal flaw in Langflow — the widely deployed open-source low-code platform for building LLM pipelines, RAG systems and agentic workflows. The POST /api/v2/files endpoint fails to sanitise the filename parameter in multipart form data, allowing ../ sequences to write files to arbitrary filesystem locations (BleepingComputer, 2026-06-10). It is effectively pre-authentication: Langflow ships with LANGFLOW_AUTO_LOGIN enabled by default, so a single unauthenticated request obtains a valid session token before reaching the file-write primitive, which chains to code execution via webshell placement or .pth injection. Tenable discovered and disclosed the flaw on 27 March 2026 after two months of unsuccessful vendor contact (Tenable TRA-2026-26, 2026-03-27); VulnCheck subsequently observed active exploitation in honeypots, with attackers staging test files on victim systems, and Censys data shows roughly 7,000 publicly exposed instances. A patch is now available (Langflow 1.9.0 / langflow-base 0.8.3, with 1.10.0 released 10 June). Technique: T1190 Exploit Public-Facing Application → T1505.003 Web Shell.
CVE Summary Table
| CVE | Product | CVSS | EPSS | KEV | Exploited | Patch | Source |
|---|---|---|---|---|---|---|---|
| CVE-2026-5027 | Langflow (POST /api/v2/files) |
8.8 | n/a | No | Yes (VulnCheck) | 1.9.0 / 1.10.0 | BleepingComputer |
| CVE-2026-41089 | Windows Netlogon (Server 2012–2025) | 9.8 | n/a | No | Yes (CCB Belgium) | May 2026 Patch Tuesday | CERT-EU 2026-007 |
CVE-2026-41089 is carried as a § 4 update — see below; it is listed here for the consolidated vulnerability view.