CISA orders feds to prioritize patching Langflow auth bypass flaw
CISA orders federal agencies to patch Langflow auth bypass flaw CVE-2026-55255 by Friday.
Summary
CISA has mandated federal agencies patch an actively exploited authentication bypass vulnerability (CVE-2026-55255) in the Langflow AI agent development framework by Friday. The flaw allows attackers to access other users' flows and sensitive data, with exploitation observed for code execution and implant delivery, likely for financial gain. This follows previous CISA advisories for other Langflow vulnerabilities, including one exploited by the JadePuffer ransomware.
Full text
CISA orders feds to prioritize patching Langflow auth bypass flaw By Sergiu Gatlan July 8, 2026 05:58 AM 0 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively exploited vulnerability in the Langflow visual framework for building AI agents. Langflow is an attractive target for hackers since it's a popular tool in the AI development ecosystem, offering a drag-and-drop interface to connect nodes into executable pipelines and a REST API to run them programmatically. Tracked as CVE-2026-55255, this Insecure Direct Object Reference (IDOR) security flaw allows authenticated threat actors to access other users' flows by sending a maliciously crafted request to the /api/v1/responses endpoint with the victim's UUID (flow_id). Successful exploitation also enables attackers to access sensitive data processed by the victim's flows and consume their resources. Sysdig's Threat Research Team (TRT) first observed CVE-2026-55255 in-the-wild exploitation on June 25, saying that the objective was "code execution and second-stage implant delivery (loader/dropper class." "From what we observed, it’s clear that the threat actor is opportunistic and financially motivated," the security researchers added. "In short, it’s clear that the motive was money via the two reliable yields of a compromised AI host: its compute (botnet/implant) and its credentials (LLM/cloud keys), both of which were pursued with cheap, repeatable, low-sophistication tooling." On Tuesday, CISA added the CVE-2026-55255 authorization bypass to its Known Exploited Vulnerabilities Catalog (KEV), ordering U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their devices by Friday, as required by Binding Operational Directive (BOD) 26-04. "This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise," the cybersecurity agency warned. "Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines." CISA also added a Langflow missing authentication security issue (CVE-2025-3248) to its KEV catalog in May 2025 and a code injection vulnerability (CVE-2026-33017) in March 2026. The cybersecurity agency flagged the former as exploited by ransomware gangs on Tuesday, after cloud security company Sysdig reported that the JadePuffer ransomware operation used it to dump Langflow's PostgreSQL database. Since June, attackers have also been actively exploiting a high-severity Langflow path traversal vulnerability (CVE-2026-5027) to write arbitrary files on exposed servers, according to VulnCheck security researcher Caitlin Condon. Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection. Get the whitepaper Related Articles: Critical Langflow RCE flaw exploited to hack AI app serversCISA warns of max severity Ubiquiti flaws exploited in attacksCISA sets urgent deadline to fix Cisco flaw exploited in attacksPath traversal flaw in AI dev platform Langflow exploited in attacksCISA warns of active attacks exploiting Android, Linux bugs
Indicators of Compromise
- cve — CVE-2026-55255
- cve — CVE-2025-3248
- cve — CVE-2026-33017
- cve — CVE-2026-5027