THREAT OPS › CVEs › CVE-2026-33017
CVE-2026-33017 — Langflow Code Injection Vulnerability
Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication.
Vulnerability details
- Affected productsLangflow
- KEV remediation due2026-04-08
Related reporting
- March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Dayrecordedfuture
- 29th June – Threat Intelligence Reportcheckpoint_research
- 22nd June – Threat Intelligence Reportcheckpoint_research