Threat Advisory

Path traversal flaw in AI dev platform Langflow exploited in attacks

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

A high-severity path traversal vulnerability, CVE-2026-5027 (CVSS Score: 8.8), has been identified in the open-source AI application development platform Langflow and is being actively exploited in the wild. The flaw resides in the /api/v2/files endpoint, where improper sanitization of the filename parameter allows attackers to perform directory traversal using crafted path sequences. Successful exploitation enables arbitrary file writes to locations outside the intended directory, which can be leveraged to achieve unauthorized code execution on vulnerable servers. Security researchers observed attackers using the vulnerability to create files on target systems, indicating active reconnaissance and exploitation efforts. The risk is further amplified by Langflow's default authentication behavior, which may allow attackers to obtain valid session access with minimal interaction. Organizations using affected versions could face server compromise, unauthorized file manipulation, data exposure, and potential disruption of AI workflows if the vulnerability is successfully exploited.
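
The weakness described above is a missing containment check on a client-chosen filename. As an added example (not Langflow's code and not the fix shipped in the patched release), the following Python shows how an upload endpoint should validate such a filename before writing; the upload root and the sample filenames are constructed for illustration.

```python
"""Hardened handling of a client-supplied filename for a file-upload endpoint.

Added example, not Langflow's own code: the filename is reduced to a single
path component, traversal segments are rejected, and the resolved path is
verified to stay under the upload root.
"""
from pathlib import Path


class UnsafeFilename(ValueError):
    """Raised when a client-supplied filename would escape the upload root."""


def resolve_upload_path(upload_root, filename: str) -> Path:
    """Return the absolute path at which `filename` may safely be written.

    Assumes the web framework has already URL-decoded `filename`. Rejects
    empty names, embedded NUL bytes, any directory separator (forward or
    back slash, which also excludes absolute paths) and the '.'/'..'
    components, then resolves symlinks and confirms the result lies
    directly under the upload root.
    """
    if not filename or "\x00" in filename:
        raise UnsafeFilename("empty filename or embedded NUL byte")
    # Normalise both separator styles so a backslash sequence is not waved through.
    parts = filename.replace("\\", "/").split("/")
    if len(parts) != 1 or parts[0] in (".", ".."):
        raise UnsafeFilename(f"{filename!r} contains a separator or dot segment")
    root = Path(upload_root).resolve()
    # resolve() follows symlinks, so a symlink already sitting inside the root
    # that points elsewhere is caught by the parent check below.
    candidate = (root / parts[0]).resolve()
    if candidate.parent != root:
        raise UnsafeFilename(f"{filename!r} resolves outside the upload root")
    return candidate


def is_safe_filename(upload_root, filename: str) -> bool:
    """Predicate form of resolve_upload_path, for request validation."""
    try:
        resolve_upload_path(upload_root, filename)
    except UnsafeFilename:
        return False
    return True


if __name__ == "__main__":
    root = "/srv/uploads"  # constructed example root, not a real Langflow path
    for name in ("diagram.json", "../../tmp/dropped.txt", "..\\..\\x", "/abs.txt", ".."):
        verdict = "accepted" if is_safe_filename(root, name) else "rejected"
        print(f"{name!r:26} -> {verdict}")
```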

RECOMMENDATION:

We recommend updating Langflow to version 1.10.0 and the langflow-base package to version 0.8.3.

REFERENCES:

The following reports contain further technical details:
https://www.bleepingcomputer.com/news/security/path-traversal-flaw-in-ai-dev-platform-langflow-exploited-in-attacks/
