CVE-2025-68477

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-68477

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68477.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-68477

Aliases

GHSA-5993-7p27-66g5

Published

2025-12-19T16:43:00.551Z

Modified

2026-04-10T05:35:07.219022Z

Severity

7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVSS Calculator

Summary

Langflow vulnerable to Server-Side Request Forgery

Details

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, Langflow provides an API Request component that can issue arbitrary HTTP requests within a flow. This component takes a user-supplied URL, performs only normalization and basic format checks, and then sends the request using a server-side httpx client. It does not block private IP ranges (127[.]0[.]0[.]1, the 10/172/192 ranges) or cloud metadata endpoints (169[.]254[.]169[.]254), and it returns the response body as the result. Because the flow execution endpoints (/api/v1/run, /api/v1/run/advanced) can be invoked with just an API key, if an attacker can control the API Request URL in a flow, non-blind SSRF is possible—accessing internal resources from the server’s network context. This enables requests to, and collection of responses from, internal administrative endpoints, metadata services, and internal databases/services, leading to information disclosure and providing a foothold for further attacks. Version 1.7.0 contains a patch for this issue.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-918"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68477.json"
}

References

Affected packages

Git / github.com/langflow-ai/langflow

Affected ranges

Type: GIT
Repo: https://github.com/langflow-ai/langflow
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

b6ed2bc4d9d6a00e4bd8363495edfec6f091ccfc

Affected versions

1.*

1.1.2

1.1.3

1.1.4

1.2.0

1.3.0

1.3.1

1.3.2

1.3.3

1.3.4

1.4.0

1.4.1

1.4.2

1.5.0.post1

1.7.0-pre

1.7.0rc1

v0.*

v0.0.31

v0.0.69

v0.0.70

v0.0.71

v0.0.72

v0.0.73

v0.0.74

v0.0.75

v0.0.76

v0.0.77

v0.0.78

v0.0.79

v0.0.80

v0.0.81

v0.0.82

v0.0.83

v0.0.84

v0.0.85

v0.0.86

v0.0.87

v0.0.88

v0.0.89

v0.1.0

v0.1.2

v0.1.3

v0.1.4

v0.1.5

v0.1.6

v0.1.7

v0.2.0

v0.2.1

v0.2.10

v0.2.11

v0.2.12

v0.2.13

v0.2.2

v0.2.3

v0.2.4

v0.2.5

v0.2.6

v0.2.7

v0.2.8

v0.2.9

v0.3.0

v0.3.1

v0.3.2

v0.3.3

v0.3.4

v0.4.0

v0.4.1

v0.4.10

v0.4.11

v0.4.12

v0.4.14

v0.4.15

v0.4.16

v0.4.17

v0.4.18

v0.4.19

v0.4.2

v0.4.20

v0.4.21

v0.4.3

v0.4.4

v0.4.5

v0.4.6

v0.4.7

v0.4.8

v0.4.9

v0.5.0

v0.5.0a0

v0.5.0a1

v0.5.0a2

v0.5.0a3

v0.5.0a4

v0.5.0a5

v0.5.0a6

v0.5.0b0

v0.5.0b2

v0.5.0b3

v0.5.0b4

v0.5.0b5

v0.5.0b6

v0.5.1

v0.5.10

v0.5.11

v0.5.12

v0.5.2

v0.5.3

v0.5.4

v0.5.5

v0.5.6

v0.5.7

v0.5.8

v0.5.9

v0.6.0

v0.6.0a0

v0.6.0rc1

v0.6.1

v0.6.10

v0.6.11

v0.6.12

v0.6.13

v0.6.14

v0.6.15

v0.6.16

v0.6.17

v0.6.18

v0.6.19

v0.6.2

v0.6.3

v0.6.3a0

v0.6.3a1

v0.6.3a2

v0.6.3a3

v0.6.3a4

v0.6.3a5

v0.6.3a6

v0.6.4

v0.6.5

v0.6.6

v0.6.7

v0.6.8

v0.6.9

v1.*

v1.0.10

v1.0.11

v1.0.12

v1.0.13

v1.0.14

v1.0.15

v1.0.16

v1.0.17

v1.0.18

v1.0.19

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9

v1.1.0

v1.1.1

v1.7.0rc1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68477.json"