CVE-2025-68477

Source
https://cve.org/CVERecord?id=CVE-2025-68477
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68477.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-68477
Aliases
Published
2025-12-19T16:43:00.551Z
Modified
2026-01-04T05:42:40.370448Z
Severity
  • 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
Langflow vulnerable to Server-Side Request Forgery
Details

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, Langflow provides an API Request component that can issue arbitrary HTTP requests within a flow. This component takes a user-supplied URL, performs only normalization and basic format checks, and then sends the request using a server-side httpx client. It does not block private IP ranges (127[.]0[.]0[.]1, the 10/172/192 ranges) or cloud metadata endpoints (169[.]254[.]169[.]254), and it returns the response body as the result. Because the flow execution endpoints (/api/v1/run, /api/v1/run/advanced) can be invoked with just an API key, if an attacker can control the API Request URL in a flow, non-blind SSRF is possible—accessing internal resources from the server’s network context. This enables requests to, and collection of responses from, internal administrative endpoints, metadata services, and internal databases/services, leading to information disclosure and providing a foothold for further attacks. Version 1.7.0 contains a patch for this issue.
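
The destination check that the description says was missing can be sketched as follows. This is an added example, not Langflow's code and not the 1.7.0 patch; the function names, the injectable `resolver` parameter and the sample hostnames are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

def resolve_host(host, port):
    """Addresses the OS resolver returns for host (hypothetical default resolver)."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def is_public_address(addr):
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 zone id
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # judge ::ffff:127.0.0.1 as 127.0.0.1
    # is_global is False for loopback, RFC 1918, link-local (169.254/16), CGNAT
    return ip.is_global and not ip.is_multicast

def check_outbound_url(url, resolver=resolve_host):
    """Return (allowed, reason, addresses) for a user-supplied URL.

    The caller should connect only to the returned addresses and run this
    check again on every redirect target; otherwise a second DNS lookup or
    a 3xx response can still steer the request to an internal host.
    """
    try:
        parts = urlsplit(url)
        port = parts.port
    except ValueError:
        return False, "malformed URL", []
    scheme = parts.scheme.lower()
    if scheme not in ("http", "https"):
        return False, "scheme not allowed", []
    if not parts.hostname:
        return False, "missing host", []
    try:
        addrs = resolver(parts.hostname, port or (443 if scheme == "https" else 80))
    except (OSError, ValueError) as exc:
        return False, f"cannot resolve: {exc}", []
    if not addrs:
        return False, "no addresses", []
    # Reject if ANY resolved address is internal, not just the first one.
    blocked = [a for a in addrs if not is_public_address(a)]
    if blocked:
        return False, f"non-public destination: {blocked[0]}", []
    return True, "ok", addrs

if __name__ == "__main__":
    # Constructed sample DNS data so the demo runs offline.
    fake_dns = {"internal.example": ["10.0.0.5"], "public.example": ["93.184.216.34"]}
    for u in ("http://169.254.169.254/", "http://internal.example/", "https://public.example/"):
        print(u, check_outbound_url(u, lambda h, p: fake_dns.get(h, [h])))
```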

Database specific
{
    "cwe_ids": [
        "CWE-918"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68477.json"
}
References

Affected packages

Git / github.com/langflow-ai/langflow

Affected ranges

Type
GIT
Repo
https://github.com/langflow-ai/langflow
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

1.*
1.1.2
1.1.3
1.1.4
1.2.0
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.4.0
1.4.1
1.4.2
1.5.0.post1
1.7.0-pre
1.7.0rc1
v0.*
v0.0.19
v0.0.20
v0.0.21
v0.0.22
v0.0.23
v0.0.24
v0.0.31
v0.0.32
v0.0.33
v0.0.40
v0.0.44
v0.0.45
v0.0.46
v0.0.52
v0.0.53
v0.0.54
v0.0.55
v0.0.56
v0.0.57
v0.0.58
v0.0.61
v0.0.62
v0.0.63
v0.0.64
v0.0.65
v0.0.66
v0.0.67
v0.0.68
v0.0.69
v0.0.70
v0.0.71
v0.0.72
v0.0.73
v0.0.74
v0.0.75
v0.0.76
v0.0.77
v0.0.78
v0.0.79
v0.0.80
v0.0.81
v0.0.82
v0.0.83
v0.0.84
v0.0.85
v0.0.86
v0.0.87
v0.0.88
v0.0.89
v0.1.0
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.2.0
v0.2.1
v0.2.10
v0.2.11
v0.2.12
v0.2.13
v0.2.2
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.2.7
v0.2.8
v0.2.9
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.3.4
v0.4.0
v0.4.1
v0.4.10
v0.4.11
v0.4.12
v0.4.14
v0.4.15
v0.4.16
v0.4.17
v0.4.18
v0.4.19
v0.4.2
v0.4.20
v0.4.21
v0.4.3
v0.4.4
v0.4.5
v0.4.6
v0.4.7
v0.4.8
v0.4.9
v0.5.0
v0.5.0a0
v0.5.0a1
v0.5.0a2
v0.5.0a3
v0.5.0a4
v0.5.0a5
v0.5.0a6
v0.5.0b0
v0.5.0b2
v0.5.0b3
v0.5.0b4
v0.5.0b5
v0.5.0b6
v0.5.1
v0.5.10
v0.5.11
v0.5.12
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.6.0a0
v0.6.0rc1
v0.6.1
v0.6.10
v0.6.11
v0.6.12
v0.6.13
v0.6.14
v0.6.15
v0.6.16
v0.6.17
v0.6.18
v0.6.19
v0.6.2
v0.6.3
v0.6.3a0
v0.6.3a1
v0.6.3a2
v0.6.3a3
v0.6.3a4
v0.6.3a5
v0.6.3a6
v0.6.3a7
v0.6.4
v0.6.4a0
v0.6.4a1
v0.6.5
v0.6.5a0
v0.6.5a1
v0.6.5a10
v0.6.5a11
v0.6.5a12
v0.6.5a13
v0.6.5a2
v0.6.5a3
v0.6.5a4
v0.6.5a5
v0.6.5a6
v0.6.5a7
v0.6.5a8
v0.6.5a9
v0.6.6
v0.6.7
v0.6.7a1
v0.6.7a2
v0.6.7a3
v0.6.7a5
v0.6.8
v0.6.9
v1.*
v1.0.0
v1.0.0a11
v1.0.0a12
v1.0.0a13
v1.0.0a14
v1.0.0a15
v1.0.0a17
v1.0.0a18
v1.0.0a19
v1.0.0a20
v1.0.0a21
v1.0.0a22
v1.0.0a23
v1.0.0a24
v1.0.0a26
v1.0.0a27
v1.0.0a28
v1.0.0a29
v1.0.0a30
v1.0.0a31
v1.0.0a32
v1.0.0a33
v1.0.0a34
v1.0.0a35
v1.0.0a36
v1.0.0a37
v1.0.0a38
v1.0.0a4
v1.0.0a40
v1.0.0a41
v1.0.0a42
v1.0.0a43
v1.0.0a44
v1.0.0a45
v1.0.0a46
v1.0.0a47
v1.0.0a48
v1.0.0a49
v1.0.0a5
v1.0.0a50
v1.0.0a51
v1.0.0a52
v1.0.0a53
v1.0.0a55
v1.0.0a56
v1.0.0a57
v1.0.0a58
v1.0.0a59
v1.0.0a6
v1.0.0a60
v1.0.0a7
v1.0.0a8
v1.0.0rc0
v1.0.0rc1
v1.0.1
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.15
v1.0.16
v1.0.17
v1.0.18
v1.0.19
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.1.0
v1.1.1
v1.7.0rc1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68477.json"