CVE-2026-33017 - Vulnerability Analysis
N/A | Last Updated: March 20, 2026
Langflow - Remote Code Execution
Published: March 20, 2026 | Updated: March 20, 2026 | KEV | PoC Available
Overview
Langflow < 1.9.0 contains an unauthenticated remote code execution vulnerability: attacker-controlled flow data is passed to exec() without sandboxing in the /api/v1/build_public_tmp/{flow_id}/flow endpoint, letting remote attackers execute arbitrary Python code. Exploitation requires no authentication.
Severity & Score
Severity: N/A
EPSS Score: 565.4% (probability of exploitation in the next 30 days)
Impact
Remote attackers can execute arbitrary Python code without authentication, leading to full system compromise.
Mitigation
Update to version 1.9.0 or later.
References
- https://www.acn.gov.it/portale/w/langflow-rilevata-0-day-per-la-cve-2026-33017
- https://www.sysdig.com/blog/cve-2026-33017-how-attackers-compromised-langflow-ai-pipelines-in-20-hours
- https://github.com/advisories/GHSA-rvqx-wpfh-mfx7
- https://github.com/langflow-ai/langflow/commit/73b6612e3ef25fdae0a752d75b0fabd47328d4f0
- https://github.com/langflow-ai/langflow/security/advisories/GHSA-vwmf-pq79-vjvx
Social Media Activity (1 post)
benzogaga33
@benzogaga33
Langflow – Barely disclosed, already exploited: beware of this critical flaw https://www.it-connect.fr/langflow-cve-2026-33017-cyberattaques-mars-2026/ #ActuCybersécurité #Cybersécurité
GitHub Repositories (6 repos)
- https://github.com/z4yd3/PoC-CVE-2026-33017
- https://github.com/SimoesCTT/Sovereign-Echo-33017
- https://github.com/omer-efe-curkus/CVE-2026-33017-Langflow-RCE-PoC
- https://github.com/MaxMnMl/langflow-CVE-2026-33017-poc
- https://github.com/EQSTLab/CVE-2026-33017
- https://github.com/rootdirective-sec/CVE-2026-33017-Lab
Related Resources
Details
- CVE ID: CVE-2026-33017
- Severity: N/A
- Type: remote_code_execution
- Status: unconfirmed
- EPSS: 565.4%
- Social Posts: 1
CWE
- CWE-94
CVSS Metrics
N/A
EPSS Score
565.4% (probability of exploitation in the next 30 days)