CVE-2026-55255 | langflow-ai langflow up to 1.9.1 /api/v1/responses authorization (GHSA-qrpv-q767-xqq2)

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability, which was classified as critical, was found in langflow-ai langflow up to 1.9.1. This issue affects some unknown processing of the file /api/v1/responses. Executing a manipulation can lead to authorization bypass.

This vulnerability is tracked as CVE-2026-55255. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-55255 | langflow-ai langflow up to 1.9.1 /api/v1/responses authorization (GHSA-qrpv-q767-xqq2)

Post correlati

CVE-2024-46941 | Vivo SystemUI Component Protection Setting permissions

CVE-2024-43791 | steveklabnik request_store 1.3.2 default permission (GHSA-frp2-5qfc-7r8m)

CVE-2026-33262 | PowerDNS Recursor up to 5.2.8/5.3.5/5.4.0 null pointer dereference

CVE-2024-53246 | Splunk Enterprise/Cloud Platform cleartext transmission (SVD-2024-1204)