Hackers Exploit Langflow Vulnerability for Remote Code Execution

Disclosed in March, the security defect enables unauthenticated attackers to write files to arbitrary locations on the system.

Threat actors have begun exploiting a high-severity vulnerability in the popular low-code AI development platform Langflow, according to VulnCheck.

Tracked as CVE-2026-5027 (CVSS score of 8.8), the security defect is described as a path traversal issue that allows attackers to write files to arbitrary locations on the system.

“The ‘POST /api/v2/files’ endpoint does not sanitize the ‘filename’ parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences (‘../’),” a NIST advisory reads.
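The class of defect described above, a multipart `filename` field joined straight onto an upload directory, is easiest to understand next to the handling that prevents it. The following is an added, defensive example written for this article; it is not Langflow's code, and the upload root, function names and sample filenames are all constructed. It contrasts the naive join (which honours `../` segments) with a validator that accepts only a single safe path component and then re-checks containment on the resolved path:

```python
import os
import re
from pathlib import Path


class UnsafeFilename(ValueError):
    """Raised when a client-supplied filename must not be written to disk."""


# Conservative allow-list for names created under the upload root.
# Separators, NUL, control characters, '%', spaces etc. are all rejected.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$")


def is_traversal_attempt(client_filename: str) -> bool:
    """Alerting heuristic (constructed, not Langflow's code): does the
    multipart filename carry a directory component or dot-directory name?"""
    name = client_filename.replace("\\", "/")   # treat both separator styles alike
    return "/" in name or name in (".", "..")


def validate_upload_filename(client_filename: str) -> str:
    """Return the filename unchanged if it is safe to use as a single path
    component; otherwise raise UnsafeFilename with the reason."""
    if not client_filename:
        raise UnsafeFilename("empty filename")
    if "\x00" in client_filename:
        raise UnsafeFilename("NUL byte in filename")
    if is_traversal_attempt(client_filename):
        raise UnsafeFilename("path separator or traversal in filename")
    if not _SAFE_NAME.match(client_filename):
        raise UnsafeFilename("filename contains disallowed characters")
    return client_filename


def is_safe_filename(client_filename: str) -> bool:
    """Boolean wrapper around validate_upload_filename for callers that log."""
    try:
        validate_upload_filename(client_filename)
        return True
    except UnsafeFilename:
        return False


def is_contained(root: str, candidate: str) -> bool:
    """True if candidate lies strictly inside root after normalisation."""
    root_abs = os.path.abspath(root)
    cand_abs = os.path.abspath(candidate)
    return cand_abs != root_abs and os.path.commonpath([root_abs, cand_abs]) == root_abs


def naive_upload_path(root: str, client_filename: str) -> str:
    """The vulnerable pattern the advisory describes: joining the client
    filename directly. normpath honours '../' segments, so the result can
    land outside root. Shown for contrast only; do not use."""
    return os.path.normpath(os.path.join(root, client_filename))


def safe_upload_path(root: str, client_filename: str) -> Path:
    """Hardened version: single-component name plus a containment check on
    the resolved path (which also catches a symlink inside root that points
    elsewhere)."""
    name = validate_upload_filename(client_filename)
    root_path = Path(root).resolve()
    candidate = (root_path / name).resolve()
    if candidate.parent != root_path:
        raise UnsafeFilename("resolved path escapes upload root")
    return candidate


def save_upload(root: str, client_filename: str, data: bytes) -> Path:
    """Write data to the validated location, refusing to overwrite silently."""
    target = safe_upload_path(root, client_filename)
    target.parent.mkdir(parents=True, exist_ok=True)
    with open(target, "xb") as fh:   # 'x' fails if the file already exists
        fh.write(data)
    return target


if __name__ == "__main__":
    # Constructed sample filenames as they might arrive in a multipart
    # 'filename' field; none of them come from the article.
    root = "/var/app/uploads"   # hypothetical upload root
    samples = ["report.csv", "../../escape.txt", "..\\escape.txt",
               "/abs.txt", "ok\x00.txt", ".hidden"]
    for s in samples:
        naive = naive_upload_path(root, s)
        try:
            verdict = f"accepted -> {safe_upload_path(root, s)}"
        except UnsafeFilename as exc:
            verdict = f"rejected ({exc})"
        print(f"{s!r:22} naive={naive!s:30} contained={is_contained(root, naive)!s:5} {verdict}")
```

Two points are worth keeping separate: the string-level allow-list is the policy (and `is_traversal_attempt` gives a clean signal for alerting on rejected uploads), while the resolved-path containment check is defence in depth that still holds if the allow-list is later relaxed.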

Successful exploitation of the bug, VulnCheck VP of security research Caitlin Condon warns, allows unauthenticated attackers to execute arbitrary code on vulnerable instances.

“The flaw can enable remote code execution (RCE), and because Langflow enables unauthenticated auto-login by default, attackers can reach the vulnerable endpoint without credentials,” VulnCheck told SecurityWeek.

Threat actors can send a single unauthenticated request to obtain a valid session token and then proceed to exploit CVE-2026-5027, VulnCheck says.

According to VulnCheck, the observed in-the-wild exploitation attempts successfully leveraged the path traversal to drop test files on victim systems.

The potential attack surface appears broad, with approximately 7,000 Langflow instances accessible from the internet, most of them in North America.

“The activity underscores a growing trend of attackers targeting the infrastructure and tooling that organizations use to build and deploy AI applications,” VulnCheck said.

CVE-2026-5027 was disclosed publicly on March 27 by Tenable, after a series of failed disclosure attempts. 

SecurityWeek has emailed Langflow for a statement and will update this article if it responds.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.