Hacker News
Langflow CVE-2026-33017: CVSS 9.3 Unauthenticated RCE Exploited in the Wild Within 20 Hours of Disclosure
A critical Langflow vulnerability allows attackers to execute arbitrary Python code on any exposed instance with a single unauthenticated HTTP request — no prior access or PoC required. Sysdig observed active exploitation within 20 hours of the advisory being published, before any public exploit code existed; attackers reverse-engineered working exploits directly from the advisory. With 145,000+ GitHub stars and many instances configured with OpenAI, Anthropic, and AWS API keys, a compromised Langflow instance enables immediate lateral movement to cloud accounts.
↳ Follow the thread