Zero Day MonitorZDM

← Back to list

9.6

CVE-2026-48519EXPLOITEDPATCHED

langflow · langflow

Langflow: Unauthenticated RCE in Shareable Playgrounds

Description

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, the "Shareable Playground" (or "Public Flows" in code) contains a critical RCE vulnerability. Shareable Playground feature works by enabling the execution of workflows by unauthenticated users, by accessing a link. Specifically, it enables the route /api/v1/build_public_tmp to execute any public flow, given a public flow ID. When the route executes the flow, it allows for providing arbitrary custom Python code as the nodes code, inside the JSON payload. The vulnerable field is data.nodes[X].data.node.template.code.value. This vulnerability is fixed in 1.9.2.

Affected Products

Vendor	Product	Versions
langflow	langflow	< 1.9.2

References

https://github.com/langflow-ai/langflow/security/advisories/GHSA-v5ff-9q35-q26f(x_refsource_CONFIRM)

Related News (2 articles)

Tier C

VulDB4d ago

CVE-2026-48519 | langflow-ai langflow up to 1.9.1 Shareable Playground Feature /api/v1/build_public_tmp code injection (GHSA-v5ff-9q35-q26f)

→ No new info (linked only)

Tier B

BSI Advisories30d ago

[NEU] [hoch] Langflow: Mehrere Schwachstellen

→ No new info (linked only)

CVSS 3.19.6 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

langflow@1.9.2

CWECWE-94

PublishedJun 16, 2026

Last enriched4d agov2

Tags

GHSA-v5ff-9q35-q26fpip

Trending Score39

Source articles2

Independent2

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-55255EXPKEV

Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

MEDIUMCVE-2026-55446EXP

Langflow: Unauthenticated DoS through multipart form boundary file upload

CRITICALCVE-2026-42867EXP

Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint

HIGHCVE-2026-55450EXP

Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak

HIGHCVE-2026-55423

Langflow: Logout button does not clear session

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 16, 2026

Discovered by ZDM

Jun 16, 2026

Updated: affectedVersions, activelyExploited

Jun 23, 2026

Actively Exploited

Jun 24, 2026

Patch Available

Jun 24, 2026

Version History

v2

Last enriched 4d ago

v2Tier C4d ago

Updated affected versions to include 1.9.1, marked exploit availability as false, and noted that the vulnerability is actively exploited.

affectedVersionsactivelyExploited

via VulDB

v111d ago

Initial creation