CVE-2025-3248
Langflow Missing Authentication Vulnerability - [Actively Exploited]
Description
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
INFO
Published Date :
April 7, 2025, 3:15 p.m.
Last Modified :
May 7, 2025, 4:24 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.9
Exploitability Score :
3.9
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Langflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests.
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https://github.com/advisories/GHSA-c995-4fw3-j39m ; https://nvd.nist.gov/vuln/detail/CVE-2025-3248
Public PoC/Exploit Available at Github
CVE-2025-3248 has a 42 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2025-3248.
| URL | Resource |
|---|---|
| https://github.com/langflow-ai/langflow/pull/6911 | Patch |
| https://github.com/langflow-ai/langflow/releases/tag/1.3.0 | Release Notes |
| https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/ | Exploit Third Party Advisory |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
None
Dockerfile Makefile Shell JavaScript TypeScript Python Batchfile PowerShell Mako HTML
None
Dockerfile Makefile Shell JavaScript TypeScript Python Batchfile PowerShell Mako HTML
None
Python
备份的漏洞库,3月开始我们来维护
None
Lua
None
Python
None
Dockerfile Makefile Shell JavaScript TypeScript Python Mako HTML CSS
None
Dockerfile Makefile Shell JavaScript TypeScript Python Mako HTML CSS
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
Python
Mass-CVE-2025-3248
Python
CVE-2025-3248
Remote Code Execution Exploit for Langflow (CVE-2025-3248) - [ By S4Tech ]
Python
Powerful unauthenticated RCE scanner for CVE-2025-3248 affecting Langflow < 1.3.0
Python
CVE-2025-3248 – Unauthenticated Remote Code Execution in Langflow via Insecure Python exec Usage
Python
CVE-2025-3248 — Langflow RCE Exploit
Python
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2025-3248 vulnerability anywhere in the article.
-
Cyber Security News
Hackers Exploiting Critical Langflow Vulnerability to Deploy Flodrix Botnet and Take System Control
Langflow, the popular Python framework for rapid AI prototyping, is under siege after researchers disclosed CVE-2025-3248, a flaw in the /api/v1/validate/code endpoint that lets unauthenticated attack ... Read more
-
Dark Reading
Hackers Exploit Critical Langflow Flaw to Unleash Flodrix Botnet
Source: BeeBright via ShutterstockAttackers are actively targeting a critical flaw in a popular Python-based Web app for building AI agents and workflows to unleash a powerful botnet that can cause fu ... Read more
-
The Hacker News
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. "Attackers u ... Read more
-
Cyber Security News
Hackers Actively Exploiting Langflow RCE Vulnerability to Deploy Flodrix Botnet
Security researchers have uncovered an active cyberattack campaign targeting Langflow servers through CVE-2025-3248, a critical remote code execution vulnerability that allows threat actors to deploy ... Read more
-
Trend Micro
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
Summary: Trend™ Research has identified an active campaign exploiting CVE-2025-3248 to deliver the Flodrix botnet. Attackers use the vulnerability to execute downloader scripts on compromised Langflow ... Read more
-
Daily CyberSecurity
Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet
Trend Micro has uncovered an active and sophisticated campaign exploiting a critical remote code execution (RCE) vulnerability in Langflow, a popular open-source framework for building AI applications ... Read more
-
europa.eu
Cyber Brief 25-06 - May 2025
Cyber Brief (May 2025)June 3, 2025 - Version: 1TLP:CLEARExecutive summaryWe analysed 328 open source reports for this Cyber Brief1.Relating to cyber policy and law enforcement, in Europe, seven EU Mem ... Read more
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited, Warns CISA
CISA warns of active exploitation of critical Langflow vulnerability (CVE-2025-3248). Critical RCE flaw allows full server takeover. Patch to version 1.3.0 now! In April 2025, cybersecurity researcher ... Read more
-
Help Net Security
Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)
Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE- ... Read more
-
Dark Reading
'Easily Exploitable' Langflow Vulnerability Requires Immediate Patching
Source: Alexey Kotelnikov via Alamy Stock PhotoNEWS BRIEFA critical flaw found in the open source Langflow platform was added to the US Cybersecurity and Infrastructure Security Agency’s (CISA's) Know ... Read more
-
BleepingComputer
Critical Langflow RCE flaw exploited to hack AI app servers
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitig ... Read more
-
TheCyberThrone
CISA Adds Langflow flaw to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-3248, a critical vulnerability in Langflow, to its Known Exploited Vulnerabilities (KEV) Catalog, citing activ ... Read more
-
Help Net Security
RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)
A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has confirmed by adding it to its ... Read more
-
security.nl
VS meldt actief misbruik van beveiligingslek in AI-software Langflow
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Langflow, opensourcesoftware voor het ontwikkelen en uitrollen van 'AI-powered agents'. Langflow is een op Python-gebaseerde webappli ... Read more
-
Cyber Security News
CISA Warns of Langflow Missing Authentication Vulnerability Exploited in Attacks
CISA has added a critical Langflow vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, identified as CVE-2025-324 ... Read more
-
The Hacker News
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
Cybersecurity / Vulnerability A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cy ... Read more
-
Daily CyberSecurity
Android Security Bulletin May 2025: Multi Vulnerabilities Including Actively Exploited CVE-2025-27363
Google has released its Android Security Bulletin for May 2025, highlighting a range of high-severity vulnerabilities affecting Android OS components, third-party chipsets, and the popular FreeType li ... Read more
-
Daily CyberSecurity
Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248
Image: Horizon3.ai The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-3248 to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active e ... Read more
-
Daily CyberSecurity
CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild
A critical security vulnerability, CVE-2024-7399, is being actively exploited in the wild in Samsung MagicINFO 9 Server, a content management system (CMS) widely used for managing digital signage disp ... Read more
-
Cyber Security News
Critical Langflow Vulnerability Allows Malicious Code Injection – Technical Details Revealed
Cybersecurity researchers have uncovered a critical remote code execution (RCE) vulnerability in Langflow, an open-source platform widely used for visually composing AI-driven agents and workflows. De ... Read more
The following table lists the changes that have been made to the
CVE-2025-3248 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Initial Analysis by [email protected]
May. 07, 2025
Action Type Old Value New Value Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Added CWE CWE-94 Added CWE CWE-306 Added CPE Configuration OR *cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.0 Added Reference Type VulnCheck: https://github.com/langflow-ai/langflow/pull/6911 Types: Patch Added Reference Type VulnCheck: https://github.com/langflow-ai/langflow/releases/tag/1.3.0 Types: Release Notes Added Reference Type VulnCheck: https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/ Types: Exploit, Third Party Advisory -
CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
May. 06, 2025
Action Type Old Value New Value Added Date Added 2025-05-05 Added Due Date 2025-05-26 Added Required Action Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Added Vulnerability Name Langflow Missing Authentication Vulnerability -
CVE Modified by [email protected]
Apr. 09, 2025
Action Type Old Value New Value Added Reference https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/ -
New CVE Received by [email protected]
Apr. 07, 2025
Action Type Old Value New Value Added Description Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code. Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Added CWE CWE-306 Added Reference https://github.com/langflow-ai/langflow/pull/6911 Added Reference https://github.com/langflow-ai/langflow/releases/tag/1.3.0
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2025-3248 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2025-3248
weaknesses.