Langflow is a tool for building and deploying AI-powered agents and workflows. In versions 1.0.0 through 1.8.1, the `/api/v1/files/images/{flow_id}/{file_name}`…

CVE-2026-33484 affects Langflow versions 1.0.0 through 1.8.1, a tool for building and deploying AI-powered agents and workflows. The vulnerability allows unauthenticated access to image files through the `/api/v1/files/images/{flow_id}/{file_name}` endpoint without any authentication or ownership checks. In multi-tenant deployments, attackers can download any user's uploaded images by discovering or guessing flow_id values (UUIDs that may be leaked through other API responses). The vulnerability poses a significant data exposure risk in environments where sensitive images are uploaded. Version 1.9.0 contains a patch that addresses this authentication bypass issue.