Vulnerabilities > Langflow

DATE	CVE	VULNERABILITY TITLE	RISK
2025-04-07	CVE-2025-3248	Missing Authentication for Critical Function vulnerability in Langflow Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. network low complexity langflow CWE-306 critical	9.8
2024-06-10	CVE-2024-37014	Unspecified vulnerability in Langflow Langflow through 0.6.19 allows remote code execution if untrusted users are able to reach the "POST /api/v1/custom_component" endpoint and provide a Python script. network low complexity langflow critical	9.8

Vulnerabilities > Langflow {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Langflow"}]}