THREATNOIR
Subscribe
Back to Feed
VulnerabilitiesApr 2, 2026

‼️ CVE-2026-5027: Langflow Path Traversal to Remote Code Execution PoC CVSS: 8.8 GitHub: https:...

CVE-2026-5027: Langflow path traversal vulnerability enables remote code execution.

Read at source

Summary

A critical path traversal vulnerability (CVE-2026-5027) has been disclosed in Langflow with a CVSS score of 8.8, allowing remote code execution. A proof-of-concept exploit has been published on GitHub, increasing the immediate risk to deployments. Organizations running Langflow should prioritize patching or isolation measures.

Indicators of Compromise

  • cve — CVE-2026-5027

Entities

Langflow (product)