Package impact
PyPI / langflow
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-33017 | critical | 9.8 | 10.0 | 3mo ago | Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication. | |||
| CVE-2026-42048 | critical | 9.6 | 9.6 | 22d ago | Langflow Knowledge Bases API is Vulnerable to Path Traversal |