CVE-2025-3248

Published: Apr 7, 2025Modified: Nov 6, 2025CISA KEV

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.

Affected (1)

Products: Langflow: Langflow

Langflow

1 product

Langflow

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Langflow Langflow	Before 1.3.0

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

CWE-94

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (5)

https://github.com/langflow-ai/langflow/pull/6911

Source: disclosure@vulncheck.com

Patch

https://github.com/langflow-ai/langflow/releases/tag/1.3.0

Source: disclosure@vulncheck.com

Release Notes

https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/

Source: disclosure@vulncheck.com

ExploitThird Party Advisory

https://www.vulncheck.com/advisories/langflow-unauthenticated-rce

Source: disclosure@vulncheck.com

Third Party Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-3248

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.