Critical Path Traversal in Langflow AI Development Platform (CVE‑2026‑5027) Enables Unauthenticated File Write
What It Is — A high‑severity path‑traversal flaw (CVE‑2026‑5027) in Langflow’s /api/v2/files upload endpoint allows an attacker to write arbitrary files to the filesystem of any exposed instance.
Exploitability — The vulnerability is being actively exploited in the wild; attackers can obtain a session token without credentials and upload malicious payloads. Tenable rates the issue “high”; a public CVSS score has not yet been published.
Affected Products — Langflow open‑source visual AI‑app builder (all versions prior to 1.9.0; base package < 0.8.3). Roughly 7 000 publicly reachable deployments have been identified.
TPRM Impact — Supply‑chain risk for enterprises that embed Langflow in internal AI pipelines or expose it as a service. Unchecked file writes can lead to ransomware drop, credential theft, or data exfiltration on downstream systems.
Recommended Actions —
- Immediately upgrade all Langflow instances to version 1.10.0 (or at least 1.9.0/0.8.3).
- Disable unauthenticated auto‑login or enforce strict authentication on the /api/v2/files endpoint.
- Apply filename sanitization and restrict write permissions to dedicated directories.
- Conduct an inventory scan for exposed Langflow instances and isolate any that cannot be patched.
- Monitor logs for anomalous file‑upload activity and validate integrity of existing files.
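The sanitization and write-restriction advice above is the generic mitigation for this bug class. The following Python is an added illustration written for this page; it is not Langflow's code and does not reproduce the specific defect behind CVE‑2026‑5027. It contrasts a naive upload-path join (the pattern that lets `../` segments escape the upload directory) with a hardened version that rejects any filename carrying path separators, NUL bytes or characters outside a conservative allow-list, and then re-checks that the resolved target still sits directly under the upload root. The `UPLOAD_ROOT` directory, the function names and the sample filenames are assumptions for the example.

```python
import os
import re
from pathlib import Path

# Hypothetical upload directory for the example; a real service would use its
# own dedicated, least-privilege directory here.
UPLOAD_ROOT = Path("/srv/uploads")

# Conservative allow-list for stored filenames: no separators, no "%" (so
# URL-encoded traversal such as %2e%2e%2f is rejected too), no control chars.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$")


def vulnerable_save_path(upload_root: Path, filename: str) -> str:
    """The bug class: a user-supplied filename joined straight onto the
    upload root. '../' segments walk out of the directory."""
    return os.path.join(str(upload_root), filename)


def escapes_root(upload_root: Path, candidate: str) -> bool:
    """True if `candidate`, once normalized, is not inside `upload_root`.
    Used here to show what the naive join actually produces."""
    root = Path(upload_root).resolve()
    target = Path(candidate).resolve()
    return target != root and root not in target.parents


def sanitize_filename(filename: str) -> str:
    """Reject (rather than rewrite) anything that is not a plain basename.
    Silently stripping directories would hide attack attempts from logs."""
    if "\x00" in filename:
        raise ValueError("NUL byte in filename")
    if "/" in filename or "\\" in filename:
        raise ValueError("path separator in filename")
    if filename in {".", ".."} or not SAFE_NAME.match(filename):
        raise ValueError("filename outside the allowed character set")
    return filename


def safe_save_path(upload_root: Path, filename: str) -> Path:
    """Hardened version: allow-list the name, then verify the resolved
    target's parent is exactly the resolved upload root (defence in depth
    against symlinked roots or future changes to the sanitizer)."""
    name = sanitize_filename(filename)
    root = Path(upload_root).resolve()
    target = (root / name).resolve()
    if target.parent != root:
        raise ValueError("resolved path left the upload directory")
    return target


def upload_is_rejected(filename: str) -> bool:
    """Convenience wrapper: does the hardened path builder refuse this name?"""
    try:
        safe_save_path(UPLOAD_ROOT, filename)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    # Constructed sample inputs, not captured attack traffic.
    for name in ["report.csv", "../../etc/cron.d/job", "..%2f..%2fetc%2fpasswd", "a\x00.txt"]:
        naive = vulnerable_save_path(UPLOAD_ROOT, name)
        print(f"{name!r}: naive -> {naive} (escapes root: {escapes_root(UPLOAD_ROOT, naive)}); "
              f"hardened rejects: {upload_is_rejected(name)}")
```

The check in `safe_save_path` is deliberately redundant with `sanitize_filename`: the allow-list is the primary control, and the `resolve()` comparison catches mistakes if the allow-list is later loosened. Rejecting bad names with an error rather than normalizing them also gives the log-monitoring step above something concrete to alert on.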
Source: BleepingComputer