CVE-2026-33309 | Langflow v2 API privilege escalation

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability labeled as problematic has been found in Langflow. Affected is an unknown function of the component v2 API. Such manipulation leads to privilege escalation.

This vulnerability is documented as CVE-2026-33309. The attack requires being on the local network. There is not any exploit available.

CVE-2026-33309 | Langflow v2 API privilege escalation

Post correlati

CVE-2024-6500 | InPost for WooCommerce Plugin/InPost PL Plugin on WordPress authorization

CVE-2024-49627 | Noor Alam WordPress Image SEO Plugin up to 1.1.4 on WordPress cross-site request forgery

CVE-2025-52163 | Agorum Core Open 11.9.2/11.10.1 TunnelServlet server-side request forgery

CVE-2024-39331 | GNU Emacs up to 29.3 lisp/ol.el org-link-expand-abbrev os command injection