CVE-2026-27966 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: February 28, 2026
Langflow - Remote Code Execution
Overview
Langflow < 1.8.0 contains a remote code execution caused by hardcoded allow_dangerous_code=True exposing LangChain's python_repl_ast tool, letting attackers execute arbitrary Python and OS commands via prompt injection.
Severity & Score
Impact
Attackers can execute arbitrary Python and OS commands on the server, leading to full remote code execution and system compromise.
Mitigation
Update to version 1.8.0 or later.
References
Social Media Activity(2 posts)
🔴 CVE-2026-27966 - Critical (9.8) Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.8.0, the CSV Agent node in Langflow hardcodes `allow_dangerous_code=True`, which automatically exposes LangChain’s Python REPL tool (`python_repl_a... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27966/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
🚨 CVE-2026-27966 (CRITICAL): langflow-ai langflow (<1.8.0) allows unauthenticated RCE via prompt injection due to hardcoded allow_dangerous_code=True. Patch to 1.8.0+ now! https://radar.offseq.com/threat/cve-2026-27966-cwe-94-improper-control-of-generati-8ac7c0b0 #OffSeq #Vulnerability #Langflow #RCE
View original postRelated Resources
Details
- CVE ID
- CVE-2026-27966
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- remote_code_execution
- Status
- confirmed
- EPSS
- 30.9%
- Social Posts
- 2
CWE
- CWE-94
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H