A recently disclosed critical security flaw affecting the open source Langflow platform has been added to the known exploited vulnerabilities (KEV) catalog by the US Cybersecurity and Infrastructure Security Agency (CISA) citing evidence of active exploitation.
The vulnerability tracked as CVE-2025-3248 has a CVSS score of 9.8 out of a maximum of 10.0.
“LangFlow lacks an authentication vulnerability in /API/V1/VALIDATE/CODE ENDPOINT, allowing remote, unauthorized attackers to execute arbitrary code via created HTTP requests,” CISA said.
Specifically, the endpoint is known to incorrectly invoke Python’s built-in exec() functions in user-supported code without proper authentication or sandboxing, allowing an attacker to execute any command on the server.
The drawbacks that affect most versions of popular tools are addressed in version 1.3.0, released on March 31, 2025. Horizon 3. The AI is acknowledged to have discovered and reported the defect in February.
The vulnerability is “easy to exploit” and allows unrecognized remote attackers to control the Langflow server, according to the company. The Proof of Concept (POC) exploit has since been published by other researchers as of April 9, 2025.
Data from the attack surface management platform data shows that there are 466 internet-exposed Langflow instances, most of which are concentrated in the US, Germany, Singapore, India, and China.
Currently, it is not clear how vulnerabilities are abused in real-world attacks, who is abused, for what purposes, or for what purposes. The Federal Private Enforcement Division (FCEB) agency has time to apply the amendments until May 26, 2025.
“CVE-2025-3248 highlights the risk of running dynamic code without secure authentication and sandbox measurement,” Zscaler said last month. “This vulnerability serves as an important reminder for organizations to approach code validation capabilities with caution, particularly in applications exposed to the Internet.”
Source link
