


Perceptive Security
SOC/SIEM Consultancy

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions 1.0.0 through 1.8.1, the `/api/v1/files/images/{flow_id}/{file_name}`…
Published:
23 March 2026 at 23:00:00
Alert date:
24 March 2026 at 16:16:53
Source:
nvd.nist.gov
Web Technologies, Identity & Access
Langflow versions 1.0.0 through 1.8.1 contain an authentication bypass vulnerability in the image file serving endpoint. The `/api/v1/files/images/{flow_id}/{file_name}` endpoint serves image files without any authentication or ownership verification. In multi-tenant deployments, an attacker can access any user's uploaded images by discovering or guessing flow IDs. The flow IDs are UUIDs, which can be leaked through other API responses, making exploitation possible. Unauthorized requests for user images succeed with HTTP 200 responses. Version 1.9.0 contains a patch that addresses this security issue.
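One way to look for cross-tenant reads of this endpoint in web access logs, as an added example (not code from Langflow or from the advisory): it flags clients that were served images from several distinct flows. The combined log format, the UUID-shaped flow ID, the `max_flows` threshold and the sample lines are assumptions made for the example.

```python
import re
from collections import defaultdict

# Endpoint path from the advisory; flow_id is assumed to be a canonical UUID.
IMAGE_PATH = re.compile(
    r"^/api/v1/files/images/"
    r"(?P<flow_id>[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12})/"
    r"[^/?#]+"
)
# Assumption: a reverse proxy in front of Langflow writes common/combined logs.
LOG_LINE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def image_reads_by_client(lines):
    """Map client address -> set of flow IDs whose images were served (HTTP 200)."""
    seen = defaultdict(set)
    for line in lines:
        m = LOG_LINE.match(line)
        if not m or m["method"] != "GET" or m["status"] != "200":
            continue  # unparsable line, other method, or nothing was served
        p = IMAGE_PATH.match(m["target"])
        if p:
            seen[m["client"]].add(p["flow_id"].lower())
    return seen

def flag_cross_flow_readers(lines, max_flows=2):
    """Clients served images from more than max_flows distinct flows (assumed threshold)."""
    reads = image_reads_by_client(lines)
    return {c: sorted(f) for c, f in reads.items() if len(f) > max_flows}

# Constructed sample input: documentation IP ranges and made-up flow IDs.
FLOWS = [f"{d * 8}-{d * 4}-4{d * 3}-8{d * 3}-{d * 12}" for d in "1234"]

def _line(ip, path, status):
    return f'{ip} - - [24/Mar/2026:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 512'

SAMPLE = [
    _line("203.0.113.7", f"/api/v1/files/images/{FLOWS[0]}/a.png", 200),
    _line("203.0.113.7", f"/api/v1/files/images/{FLOWS[1]}/b.png", 200),
    _line("203.0.113.7", f"/api/v1/files/images/{FLOWS[2]}/c.jpg", 200),
    _line("203.0.113.7", f"/api/v1/files/images/{FLOWS[3]}/d.png", 404),
    _line("198.51.100.4", f"/api/v1/files/images/{FLOWS[0]}/a.png", 200),
    _line("198.51.100.4", f"/api/v1/files/images/{FLOWS[0]}/a.png", 200),
    _line("198.51.100.4", "/index.html", 200),
]
```

Clients behind a shared proxy or NAT appear as one address, so the threshold needs tuning against normal traffic for the deployment.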
Technical details
Affected products:
Langflow
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-33484
https://github.com/langflow-ai/langflow/security/advisories/GHSA-7grx-3xcx-2xv5
This article was created with the assistance of AI technology by Perceptive.
