A critical Langflow vulnerability (CVE-2026-33017) enabling unauthenticated remote code execution via a public endpoint was weaponized and observed in the wild within 20 hours of disclosure. Attackers scanned for vulnerable instances, exfiltrated keys and credentials, and staged follow-on payloads, prompting urgent calls to patch, rotate secrets, and restrict access. #Langflow #CVE-2026-33017
Keypoints
- The flaw (CVE-2026-33017) combines a missing authentication check with attacker-supplied Python source passed to exec(), so an anonymous caller gets code execution with the privileges of the Langflow process.
- The vulnerability affects all Langflow versions up to and including 1.8.1 and is addressed in development version 1.9.0.dev8.
- Exploitation was observed within 20 hours of disclosure; no public proof of concept existed, and attackers built working exploits from the advisory text alone.
- Successful attacks led to credential and key exfiltration, environment-file harvesting, and delivery of next-stage payloads from a remote host.
- Immediate mitigations include updating Langflow, rotating secrets and database credentials, auditing exposed instances, monitoring outbound callbacks, and restricting network access.
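The bug class behind the first keypoint, shown as an added example rather than code from the article or the Langflow project: an API handler that passes caller-supplied Python to exec() with no identity check, next to the same handler gated behind a shared-secret credential. The request type, the X-API-Key header, the key value and the planted DEMO_DATABASE_URL variable are all assumptions made for the demo; nothing here claims to be Langflow's endpoint or its patch.

```python
import hmac
import os
from dataclasses import dataclass, field

# Constructed shared secret; real deployments load it from configuration and
# rotate it after any suspected exposure (the advisory's "rotate secrets").
SERVICE_API_KEY = b"example-key-rotate-me"


@dataclass
class Request:
    """Minimal stand-in for an HTTP request: header map and JSON body."""
    headers: dict = field(default_factory=dict)
    body: dict = field(default_factory=dict)


class Unauthorized(Exception):
    """Raised when the caller presents no valid credential."""


def _run_untrusted(code: str) -> dict:
    """exec() caller-controlled source in a fresh module namespace.

    The code runs with the privileges of the service process: environment
    variables, files and outbound network are all reachable from here.
    """
    namespace: dict = {}
    exec(code, namespace)  # noqa: S102  deliberately unsafe, as in the bug class
    return {"result": namespace.get("result")}


def vulnerable_handler(req: Request) -> dict:
    """Bug class in the advisory: no identity check before exec()."""
    return _run_untrusted(req.body.get("code", ""))


def _caller_is_authenticated(req: Request) -> bool:
    """Constant-time check of a shared API key (assumed header name)."""
    presented = req.headers.get("x-api-key", "").encode()
    return hmac.compare_digest(presented, SERVICE_API_KEY)


def hardened_handler(req: Request) -> dict:
    """Same endpoint with an authentication gate in front of exec().

    Authentication removes the "unauthenticated" from the RCE; it does not
    make exec() of caller-supplied code safe, and stripping builtins is not a
    sandbox, so the endpoint must stay reachable only to trusted users.
    """
    if not _caller_is_authenticated(req):
        raise Unauthorized("authentication required")
    return _run_untrusted(req.body.get("code", ""))


# Constructed attacker payload of the kind described (environment harvesting).
# A dummy secret is planted so the demo is self-contained and deterministic.
os.environ["DEMO_DATABASE_URL"] = "postgres://app:hunter2@db.internal/langflow"
HARVEST_ENV = (
    "import os\n"
    "result = {}\n"
    "for key, value in os.environ.items():\n"
    "    if key.startswith('DEMO_'):\n"
    "        result[key] = value\n"
)


def demo_unauthenticated_harvest() -> dict:
    """Anonymous caller reads the environment through the vulnerable handler."""
    return vulnerable_handler(Request(body={"code": HARVEST_ENV}))["result"]


def demo_hardened_rejects_anonymous() -> bool:
    """The gated handler refuses the same request without a credential."""
    try:
        hardened_handler(Request(body={"code": HARVEST_ENV}))
    except Unauthorized:
        return True
    return False


def demo_hardened_allows_authenticated() -> dict:
    """With a valid key the gated handler still executes code, by design."""
    req = Request(headers={"x-api-key": SERVICE_API_KEY.decode()},
                  body={"code": HARVEST_ENV})
    return hardened_handler(req)["result"]


if __name__ == "__main__":
    print("anonymous via vulnerable handler:", demo_unauthenticated_harvest())
    print("anonymous rejected by hardened handler:", demo_hardened_rejects_anonymous())
    print("authenticated via hardened handler:", demo_hardened_allows_authenticated())
```

The point of the pair is that the same exec() call is present in both handlers: the fix for an unauthenticated-RCE bug is the authentication gate, and any remaining risk from executing code on behalf of authenticated users is a separate design decision about who is allowed to reach the feature at all.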
Read More: https://thehackernews.com/2026/03/critical-langflow-flaw-cve-2026-33017.html