Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Zerowl

March 20, 2026

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

A serious security flaw in Langflow has been actively exploited within 20 hours of being made public This article explores security flaw langflow. . This shows how quickly threat actors can use newly discovered vulnerabilities to their advantage.

The security flaw, CVE-2026-33017 (CVSS score: 9.3), is a case of code injection and missing authentication that could let someone run code from a distance. Langflow's advisory for the flaw says, "The POST /api/v1/build_public_tmp/{flow_id}/flow endpoint lets you build public flows without needing to log in." "When the optional data parameter is given, the endpoint uses flow data that the attacker controls (which can include any Python code in node definitions) instead of the flow data that is stored in the database."

This code is sent to exec() without any sandboxing, which lets remote code run without being verified.The vulnerability affects all versions of the open-source artificial intelligence (AI) platform before and including 1.8.1. Rapid7's 2026 Global Threat Landscape Report says that the average time between the discovery of a flaw and its addition to CISA's Known Exploited Vulnerabilities (KEV) catalog went from 8.5 days to five days last year.This compression of the timeline makes things very hard for defenders. It went on to say that the average time it takes for organizations to deploy patches is about 20 days, which means that defenders are open and vulnerable for too long.

"Threat actors are watching the same advisory feeds that defenders use, and they are making exploits faster than most companies can check, test, and deploy patches." To be realistic, businesses need to completely rethink their programs for finding weaknesses. Users should update to the latest patched version as soon as possible.

They should also check the environment variables and secrets on any Langflow instance that is open to the public, change the keys and database passwords as a safety measure, keep an eye out for outbound connections to strange callback services, and limit network access to Langflow instances using firewall rules or a reverse proxy with authentication.

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Trending News

Coruna, DarkSword, and Democratizing Nation-State Exploit Kits

Coruna, DarkSword, and Democratizing Nation-State Exploit Kits

Apple Sends Lock Screen Alerts to Old iPhones About Active Web-Based Exploits

Apple Sends Lock Screen Alerts to Old iPhones About Active Web-Based Exploits

Wartime Usage of Compromised IP Cameras Highlight Their Danger

Wartime Usage of Compromised IP Cameras Highlight Their Danger

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Hackers use phishing ZIP files to send PXA Stealer to steal money from banks and other financial institutions.

Hackers use phishing ZIP files to send PXA Stealer to steal money from banks and other financial institutions.

China improves the backdoor it uses to spy on telecom companies around the world.

China improves the backdoor it uses to spy on telecom companies around the world.

Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack

Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Attacks on infrastructure that have physical effects are down 25%.

Attacks on infrastructure that have physical effects are down 25%.

How mistakes can help businesses improve their security programs

How mistakes can help businesses improve their security programs