Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
{ "github_reviewed_at": "2025-06-17T20:14:26Z", "severity": "CRITICAL", "nvd_published_at": null, "cwe_ids": [ "CWE-94" ], "github_reviewed": true }