PYSEC-2026-80
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/langflow/PYSEC-2026-80.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2026-80
- Aliases
- Published
- 2026-03-24T14:16:30.607Z
- Modified
- 2026-05-20T09:19:04.571976Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions 1.0.0 through 1.8.1, the
/api/v1/files/images/{flow_id}/{file_name}endpoint serves image files without any authentication or ownership check. Any unauthenticated request with a known flowid and filename returns the image with HTTP 200. In a multi-tenant deployment, any attacker who can discover or guess aflow_id(UUIDs can be leaked through other API responses) can download any user's uploaded images without credentials. Version 1.9.0 contains a patch. - References
Affected packages
PyPI / langflow
Package
- Name
- langflow
- View open source insights on deps.dev
- Purl
- pkg:pypi/langflow
Affected versions
1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.0.9
1.0.10
1.0.11
1.0.12
1.0.13
1.0.14
1.0.15
1.0.16
1.0.17
1.0.18
1.0.19
1.0.19.post1
1.0.19.post2
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.1.4.post1
1.2.0
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.4.0
1.4.1
1.4.2
1.4.3
1.5.0
1.5.0.post1
1.5.0.post2
1.5.1
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.6.7
1.6.8
1.6.9
1.7.0
1.7.1
1.7.2
1.7.3
1.8.0rc0
1.8.0rc1
1.8.0rc2
1.8.0rc3
1.8.0rc4
1.8.0rc5
1.8.0rc6
1.8.0
1.8.1
1.8.2
1.8.3rc0
1.8.3
1.8.4