

Published:

23 March 2026 at 23:00:00

Alert date:

24 March 2026 at 20:06:33

Source:

nvd.nist.gov


Supply Chain & Dependencies, Web Technologies

An unauthenticated remote shell injection vulnerability exists in Langflow's GitHub Actions workflows prior to version 1.9.0. Attackers can inject arbitrary shell commands via malicious branch names or pull request titles through unsanitized GitHub context variables. This leads to secret exfiltration, infrastructure manipulation, and supply chain compromise during CI/CD execution. The vulnerability affects multiple workflow files and allows full access to CI secrets like GITHUB_TOKEN. Version 1.9.0 patches the issue by properly sanitizing user-controlled input.
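The following workflow fragment is an added illustration of the class of bug described above and its fix; it is not taken from Langflow's repository, and the workflow, job and step names are placeholders. It shows the same step written twice: once interpolating a pull request title directly into a `run:` script, and once passing it through an environment variable. It also goes slightly beyond the advisory by scoping the job's `GITHUB_TOKEN` to read-only, which limits what a compromised step could do with the token.

```yaml
# Added example (not Langflow's own workflow). Names are placeholders.
name: ci-example

on:
  pull_request:

jobs:
  vulnerable:
    runs-on: ubuntu-latest
    steps:
      # VULNERABLE: ${{ ... }} is expanded by the runner into the script text
      # BEFORE the shell parses it. A contributor-controlled value such as a
      # PR title, PR body, branch name (github.head_ref) or commit message can
      # therefore close the quoted string and continue with further shell
      # commands, which then run with this job's secrets in its environment.
      - name: Print PR title (unsafe)
        run: echo "PR title: ${{ github.event.pull_request.title }}"

  hardened:
    runs-on: ubuntu-latest
    permissions:
      contents: read   # least-privilege GITHUB_TOKEN for this job
    steps:
      # FIXED: the expression is evaluated into an environment variable, and
      # the shell reads $TITLE as data at run time. Quotes, semicolons and
      # backticks inside the value are never parsed as script.
      - name: Print PR title (safe)
        env:
          TITLE: ${{ github.event.pull_request.title }}
        run: echo "PR title: $TITLE"
```

To audit a repository for the unsafe form, search every file under `.github/workflows/` for `run:` blocks that contain `${{ github.event.` or `${{ github.head_ref` and move each such expression into an `env:` entry as shown; the same rule applies to `with:` inputs of actions that execute their arguments in a shell.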

Technical details

Mitigation steps:

Affected products:

Langflow

Related links:

Related CVEs:

Related threat actors:

IOCs:

attacker.site

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

This website displays information obtained from external sources; Perceptive accepts no responsibility for the accuracy, completeness or timeliness of this information.
