CVE-2026-55450
Published 2026-06-23
Priority P356 · critical · CVSS 3.1 base score 9.3
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H (network, low complexity, no privileges, no user interaction, changed scope, low confidentiality, no integrity, high availability impact)
EPSS 0.31% (22.7th percentile)
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the server. In addition, in the response, the absolute path of the uploaded file is reported to the attacker, which is an information leak that can assist in chaining other primitives. This vulnerability is fixed in 1.9.1.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| langflow-ai | langflow | < 1.9.1 | 1.9.1 |
| langflow | langflow | < 1.9.1 | 1.9.1 |
| langflow | langflow | >= 0 < 1.9.1 | 1.9.1 |
VulDB
langflow-ai langflow up to 1.9.0 Uploaded File information disclosure (GHSA-x223-p2gf-v735)
vuldb·2026-06-24·CVSS 9.3
A vulnerability has been found in langflow-ai langflow up to 1.9.0 and classified as problematic. This affects an unknown part of the component Uploaded File Handler. Performing a manipulation results in information disclosure.
This vulnerability is cataloged as CVE-2026-55450. It is possible to initiate the attack remotely. There is no exploit available.
The affected component should be upgraded.
GHSA
Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak
ghsa·2026-06-17
CVE-2026-55450 [CRITICAL] CWE-200 Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak
### Summary
Unauthenticated users can upload any amount of data to the server without any limitation; no prior knowledge is needed, only network access to Langflow.
This can lead to disk-space exhaustion on the server.
In addition, the response reports the absolute path of the uploaded file to the attacker, an information leak that can assist in chaining other primitives.
Tested on commit 2d67402b1dbaefcbce85a244d4a6cd5e4bda1cfe
### Details
Code is in `langflow/api/v1/endpoints.py`:
```python
@router.post(
    "/upload/{flow_id}",
    status_code=HTTPStatus.CREATED,
    deprecated=True,
)
async def create_upload_file(
    file: UploadFile,
    flow_id: UUID,
) -> UploadFileRes
```
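The advisory names three missing controls on that route: no authentication, no bound on the bytes written, and a response that discloses the absolute path on disk. The following is an added, stdlib-only Python example of how a practitioner would structure the save path so none of the three recurs. It is not Langflow's code and not the 1.9.1 patch; `save_upload_bounded`, `UploadRejected`, the `user_id` argument and the per-flow quota are this example's own assumptions. The only thing carried over from the route above is that `flow_id` is typed as `uuid.UUID`, which already prevents path separators from reaching the filesystem.

```python
"""Bounded, auth-aware upload handling for a Langflow-style /upload/{flow_id} route.

Added example (not Langflow's code, not the 1.9.1 fix). Demonstrates the three
properties the advisory says the vulnerable endpoint lacked: an authenticated
caller, a hard cap on bytes actually written, and a response that never
reveals a server-side absolute path.
"""
import hashlib
import os
import tempfile
import uuid
from dataclasses import dataclass
from pathlib import Path
from typing import BinaryIO, Optional

CHUNK_SIZE = 64 * 1024


class UploadRejected(Exception):
    """Any refusal; carries the HTTP status and reason for the transport layer."""

    def __init__(self, status: int, reason: str) -> None:
        super().__init__(reason)
        self.status = status
        self.reason = reason


@dataclass(frozen=True)
class UploadResult:
    # Opaque, server-relative reference the client may hand back later.
    # Deliberately not the absolute filesystem path.
    file_ref: str
    size: int
    sha256: str


def _dir_usage(directory: Path) -> int:
    """Bytes already stored under `directory` (input to the per-flow quota)."""
    return sum(p.stat().st_size for p in directory.iterdir() if p.is_file())


def save_upload_bounded(
    stream: BinaryIO,
    upload_root: Path,
    flow_id: uuid.UUID,
    user_id: Optional[str],
    max_bytes: int,
    flow_quota_bytes: int,
) -> UploadResult:
    """Stream an upload to upload_root/<flow_id>/<sha256>, refusing to exceed
    either the per-request cap or the per-flow quota.

    Content-Length is attacker-controlled and absent for chunked bodies, so the
    cap is enforced on bytes read, not on the header. `flow_id` is a uuid.UUID,
    so str(flow_id) cannot contain '/' or '..'.
    """
    if user_id is None:
        # Hypothetical auth contract: the HTTP layer resolves the session and
        # passes None when there is no authenticated user. Reject before any I/O.
        raise UploadRejected(401, "authentication required")

    dest_dir = upload_root / str(flow_id)
    dest_dir.mkdir(parents=True, exist_ok=True)
    already_used = _dir_usage(dest_dir)

    digest = hashlib.sha256()
    written = 0
    # Temp file in the destination directory so the final os.replace is atomic
    # and an aborted upload never leaves a partially written file behind.
    tmp = tempfile.NamedTemporaryFile(dir=dest_dir, delete=False)
    try:
        while True:
            chunk = stream.read(CHUNK_SIZE)
            if not chunk:
                break
            written += len(chunk)
            if written > max_bytes:
                raise UploadRejected(413, f"upload exceeds {max_bytes} bytes")
            if already_used + written > flow_quota_bytes:
                raise UploadRejected(413, f"flow quota of {flow_quota_bytes} bytes exhausted")
            digest.update(chunk)
            tmp.write(chunk)
        tmp.close()
        name = digest.hexdigest()
        os.replace(tmp.name, dest_dir / name)
    except BaseException:
        # Covers the rejections above, client disconnects and disk errors alike.
        tmp.close()
        Path(tmp.name).unlink(missing_ok=True)
        raise

    # Only the flow id and the content hash leave the server: enough for the
    # client to reference the file, nothing about where the install lives on disk.
    return UploadResult(file_ref=f"{flow_id}/{name}", size=written, sha256=name)
```

In a FastAPI route the `stream` would be `file.file` from the `UploadFile` parameter and `user_id` would come from a `Depends` that resolves the current user; a body-size limit at the reverse proxy is a reasonable second layer but does not replace the in-handler count, which is what the quota logic needs anyway.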
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.