anonhaven
Ad

CVE-2026-33873

CRITICAL CVSS 4.0: 9.3
Updated Mar 27, 2026
Python
Parameter Value
CVSS 9.3 (CRITICAL)
Type CWE-94 (Code Injection)
Vendor Python
Public PoC No

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.9.0, the Agentic Assistant feature in Langflow executes LLM-generated Python code during its validation phase. Although this phase appears intended to validate generated component code, the implementation reaches dynamic execution sinks and instantiates the generated class server-side.

In deployments where an attacker can access the Agentic Assistant feature and influence the model output, this can result in arbitrary server-side Python execution. Version 1.9.0 fixes the issue.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
None
No disruption

CVSS Vector v4.0

Weakness Type (CWE)

CWE-94 Code Injection

References 16

https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/blob/f7f4d1e70ba5eecd18162ec96f3571c2cf…
security-advisories@github.com
https://github.com/langflow-ai/langflow/security/advisories/GHSA-v8hw-mh8c-jxfc
security-advisories@github.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-33992

Python

9.3

CVE-2026-33936

Python

5.3

CVE-2026-33699

Python

4.6

CVE-2026-33682

Python

4.7

CVE-2026-33545

Python

5.3