1 results (0.002 seconds)
CVSS: 10.0EPSS: 68%CPEs: 1EXPL: 2
CVSS: 10.0EPSS: 68%CPEs: 1EXPL: 2CVE-2025-3248 – Langflow Unauth RCE
https://notcve.org/view.php?id=CVE-2025-3248
07 Apr 2025 — Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code. Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code. • https://packetstorm.news/files/id/190465 • CWE-306: Missing Authentication for Critical Function •