CISA added a critical code injection flaw in Langflow to its Known Exploited Vulnerabilities catalog on March 25, 2026. The vulnerability, CVE-2026-33017, allows unauthenticated attackers to execute malicious code on the popular AI workflow platform without any credentials.
Langflow is an open-source tool used to build AI and large language model workflows in enterprise environments. The flaw bypasses all access controls, letting hackers inject scripts directly into workflows and potentially steal sensitive data or attack connected systems.
Federal agencies must patch by April 8, 2026. Organizations unable to update should discontinue using Langflow immediately until a permanent fix is available.
Source: Cybersecurity News