🚨 CRITICAL ALERT: Active Zero-Day Exploits

Langflow deployments running vulnerable versions are exposed to a critical chained attack that can lead to account takeover and remote code execution. CVE-2025-34291 is now listed in CISA KEV, indicating confirmed real-world exploitation. Because the attack can be triggered via a malicious webpage and results in session hijacking followed by code execution, affected systems should be treated as an immediate incident-response priority.

Critical Vulnerabilities (CVSS >= 8.0)

  • CVE-2025-34291 (CVSS: 9.4): Langflow versions up to and including 1.6.9 contain a chained vulnerability enabling account takeover and remote code execution. An overly permissive CORS configuration combined with refresh-token cookies set to SameSite=None allows cross-origin credentialed requests to the refresh endpoint, exposing fresh access and refresh tokens for a victim session. With valid tokens, an attacker can reach authenticated code-execution functionality and achieve full system compromise. View NVD | CISA KEV
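The following audit script is an added example, not Langflow's or the advisory's own code. It checks a response from the token-refresh endpoint for the combination described above: an untrusted Origin reflected in Access-Control-Allow-Origin together with Access-Control-Allow-Credentials: true, and a refresh cookie carrying SameSite=None. The probe origin, refresh path, request method and cookie name are assumptions, and the sample header sets are constructed for illustration.

```python
import urllib.error
import urllib.request

PROBE_ORIGIN = "https://untrusted.example"   # constructed probe origin, not a real site
REFRESH_PATH = "/api/v1/refresh"             # assumed path; adjust to your deployment

# Constructed sample responses: the first shows the weak configuration, the second a hardened one.
VULNERABLE_SAMPLE = [
    ("Access-Control-Allow-Origin", "https://untrusted.example"),
    ("Access-Control-Allow-Credentials", "true"),
    ("Set-Cookie", "refresh_token=abc; Path=/; HttpOnly; Secure; SameSite=None"),
]
HARDENED_SAMPLE = [
    ("Access-Control-Allow-Origin", "https://langflow.internal.example"),
    ("Access-Control-Allow-Credentials", "true"),
    ("Set-Cookie", "refresh_token=abc; Path=/; HttpOnly; Secure; SameSite=Lax"),
]

def cookie_attrs(set_cookie: str) -> tuple[str, set[str]]:
    """Split a Set-Cookie value into (cookie name, lower-cased attribute set)."""
    parts = [p.strip() for p in set_cookie.split(";")]
    return parts[0].split("=", 1)[0], {p.lower() for p in parts[1:]}

def audit_refresh_response(headers: list[tuple[str, str]], probe_origin: str = PROBE_ORIGIN) -> list[str]:
    """Return findings for a list of (header, value) pairs; an empty list means nothing flagged."""
    lower = [(k.lower(), v) for k, v in headers]
    get = lambda key: next((v for n, v in lower if n == key), "")
    acao = get("access-control-allow-origin").strip()
    creds = get("access-control-allow-credentials").strip().lower() == "true"
    findings = []
    if creds and acao == probe_origin:  # reflected origin + credentials is the exploitable pattern
        findings.append("CORS reflects an untrusted Origin with credentials allowed")
    for name, attrs in (cookie_attrs(v) for n, v in lower if n == "set-cookie"):
        if "samesite=none" in attrs:
            findings.append(f"cookie {name!r} is sent on cross-site requests (SameSite=None)")
            if "secure" not in attrs:
                findings.append(f"cookie {name!r} sets SameSite=None without Secure")
    return findings

def fetch_refresh_headers(base_url: str, probe_origin: str = PROBE_ORIGIN) -> list[tuple[str, str]]:
    """Send one request to your own deployment with a foreign Origin and return the response headers."""
    req = urllib.request.Request(base_url.rstrip("/") + REFRESH_PATH,
                                 headers={"Origin": probe_origin}, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return list(resp.headers.items())
    except urllib.error.HTTPError as err:  # 401/403 responses still carry the CORS headers
        return list(err.headers.items())
```

Run `audit_refresh_response(fetch_refresh_headers("https://your-langflow-host"))` against your own instance; any finding means the mitigation in the next section still needs to be applied.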

⚡ Immediate Actions Required

Upgrade Langflow immediately to a fixed release. If upgrading cannot be performed at once, disable credentialed cross-origin requests, restrict allowed CORS origins to trusted hosts only, and place the service behind strict network controls. Review authentication logs, browser-based access patterns, and any suspicious use of token refresh or code-execution endpoints. Assume compromise if the service was exposed publicly and accessed by untrusted users or browsers.