CVE-2025-3248

Published Apr 7, 2025

Last updated a month ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-3248 is a code injection vulnerability that affects Langflow versions prior to 1.3.0. It exists in the `/api/v1/validate/code` endpoint, where a remote, unauthenticated attacker can send crafted HTTP requests to execute arbitrary code on the server. This vulnerability allows attackers to gain control of vulnerable Langflow servers without needing authentication. To remediate this vulnerability, users are advised to upgrade to Langflow version 1.3.0 or restrict network access to the application.

Description
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
Source
disclosure@vulncheck.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Langflow Missing Authentication Vulnerability
Exploit added on
May 5, 2025
Exploit action due
May 26, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

disclosure@vulncheck.com
CWE-306
nvd@nist.gov
CWE-94

Social media

Hype score
Not currently trending
  1. Actively exploited CVE: CVE-2025-3248

    @transilienceai

    3 Jun 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. (🧵Thread) CVE-2025-3248: Renewed Interest in Langflow Remote Code Execution Key findings: 🔹 Despite initial hacker interest after the exploit's public release (April 9), attacks detected by the CrowdSec Network plummeted to near zero within days, likely due to rapid detec

    @Crowd_Security

    2 Jun 2025

    248 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  3. Actively exploited CVE: CVE-2025-3248

    @transilienceai

    2 Jun 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. GitHub - tiemio/RCE-CVE-2025-3248: This Python script exploits CVE-2025-3248 to execute arbitrary commands or spawn a reverse shell on a vulnerable system. Authentication is required to use this exploit. https://t.co/xRbdKjQpuL

    @akaclandestine

    1 Jun 2025

    771 Impressions

    0 Retweets

    4 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  5. Actively exploited CVE: CVE-2025-3248

    @transilienceai

    27 May 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. #threatreport #LowCompleteness Langflow: CVE-2025-3248: Active Exploitation | 23-05-2025 Source: https://t.co/GWEJMHdwVw Key details below ↓ 🏭Industry: Government 🌐Geo: Singapore, Australia, Taiwan, Belgium, China, Israel, Germany, Hong kong, Brazil, Korea, Mexico, Thai

    @rst_cloud

    24 May 2025

    118 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 New CVE Alert: CVE-2025-3248 A critical missing authentication vulnerability affecting Langflow versions before 1.3.0 has been identified, with active exploitation attempts already observed in the wild. Our latest blog breaks down the risk, real-world activity, and how to ht

    @RecordedFuture

    23 May 2025

    686 Impressions

    2 Retweets

    2 Likes

    1 Bookmark

    1 Reply

    1 Quote

  8. [MBSD-SOC Detection Trend Topics] April 2025 edition. We have published the #MBSD #SOC Detection Trend Topics. This month we observed attacks targeting the Langflow vulnerability (CVE-2025-3248). ▼ For details, please see here https://t.co/nMp

    @mbsdnews

    16 May 2025

    920 Impressions

    2 Retweets

    4 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  9. ⚠️ Critical flaw in #Langflow (CVE-2025-3248) Remote code execution via exec(), reachable without authentication 😱 Full article 👉 https://t.co/OOGZprNpJg #RCE #Cybersecurity #Python #OpenSource #IA https://t.co/fqnm8ZqzOf

    @IA_Insights_

    11 May 2025

    8 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  10. A new vulnerability with identifier CVE-2025-3248 has been published for the Langflow framework. This framework, which is open source, is used for building language model applications. Hackers, by

    @AmirHossein_sec

    10 May 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Actively exploited CVE: CVE-2025-3248

    @transilienceai

    10 May 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  12. Attackers are hijacking #AI apps using a Langflow vulnerability (CVE-2025-3248). Unpatched AI workflows are being remotely taken over. If you run Langflow, patch now. https://t.co/weEIyqyK8E

    @top10vpn

    10 May 2025

    97 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. The critical command injection vulnerability (CVE-2025-3248) disclosed in the Langflow web app last month is now being actively exploited, and Censys researcher Jackson Roilf explains the potential impact of the bug and how widespread the exploitation is. https://t.co/JkFYIIY5zt

    @censysio

    9 May 2025

    1710 Impressions

    7 Retweets

    11 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  14. CYBER ALERT 🚨 Langflow users: CVE-2025-3248 allows attackers to run code on your servers—putting AI apps, data, and uptime at risk. Update to v1.3.0 or isolate access now. #Langflow #CyberAlert #RCE #PatchNow #CVE20253248 #ZeroDay #AItools #TechNews https://t.co/MgZjcDT3kE

    @Ferrum_IT

    7 May 2025

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  15. CVE-2025-3248: Critical Langflow RCE flaw exploited to hack AI app servers https://t.co/mATBPqedC7 https://t.co/BbNh6UyVlo

    @freedomhack101

    7 May 2025

    75 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a serious security vulnerability in Langflow, an open-source AI workflow platform, that is now being actively exploited. The flaw, tracked as CVE-2025-3248, allows attackers to take full control of

    @Operator7771337

    7 May 2025

    61991 Impressions

    0 Retweets

    1 Like

    5 Bookmarks

    0 Replies

    0 Quotes

  17. 📌 CISA adds actively exploited Langflow flaw (CVE-2025-3248, CVSS 9.8) to KEV catalog. #CyberSecurity #Vulnerability https://t.co/yMh3L7kFpS https://t.co/3Ef9GSlGlg

    @CyberHub_blog

    7 May 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. 🗞️ Critical Langflow RCE Vulnerability Actively Exploited to Compromise AI Servers CISA warns of active exploitation of CVE-2025-3248, a critical Langflow RCE flaw allowing unauthenticated attackers to seize control of AI app servers. Organizations must urgently update to h

    @gossy_84

    7 May 2025

    100 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. 🚨 Actively Exploited: CVE-2025-3248 – Langflow Remote Code Execution Flaw 🚨  CISA has added Langflow’s unauthenticated RCE vulnerability to its known exploited list, urging immediate action.  About the vulnerability:  • Affects Langflow < v1.3.0  • Unau

    @modat_magnify

    7 May 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. US CISA has added a vulnerability with confirmed exploitation to its #KEV catalog. 🛡️No.1332 CVE-2025-3248 Langflow Missing Authentication Vulnerability ============= CVSS score: 9.8 (Base) / VulnCheck CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Category: Important

    @piyokango

    7 May 2025

    6361 Impressions

    2 Retweets

    10 Likes

    1 Bookmark

    0 Replies

    1 Quote

  21. Critical Langflow RCE flaw exploited to hack AI app servers (CVE-2025-3248) https://t.co/b69s8LBg6P #Security #セキュリティ #ニュース

    @SecureShield_

    7 May 2025

    49 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  22. "Easily exploitable" Langflow vulnerability requires immediate patching (CVE-2025-3248) https://t.co/0zKXsluTc8 #Security #セキュリティ #ニュース

    @SecureShield_

    7 May 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. [Critical vulnerability CVE-2025-3248 in Langflow] A critical CVE-2025-3248 vulnerability has been discovered in the Langflow platform, which allows remote execution of arbitrary code without authentication. The vulnerability is already actively used by attackers in real https:/

    @NGT_Cybercrime

    6 May 2025

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. A critical vulnerability (CVE-2025-3248) that allows remote code execution without authentication has been discovered in Langflow. Improper use of Python's exec() function lets attackers execute arbitrary commands. It was fixed in version 1.3.0, but

    @01ra66it

    6 May 2025

    155 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  25. 🚨 Langflow RCE flaw (CVE-2025-3248) hits CISA KEV list Unauthenticated attackers can run arbitrary Python code via a public API—460+ servers exposed. Patch by May 26. https://t.co/Zhmrgagb0G #CyberSecurity #RCE https://t.co/pN3JlvWvf9

    @dCypherIO

    6 May 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. 🔴 There is a critical RCE flaw (CVE-2025-3248) that lets any cybercriminal take control of Langflow servers. Langflow is an open-source visual programming tool for building LLM-based workflows using components from Lang

    @MarquisioX

    6 May 2025

    46 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  27. ⚠️ A critical RCE vulnerability, CVE-2025-3248, in Langflow has been exploited, allowing attackers to take control of servers via a flawed API. Upgrade to version 1.3.0 to mitigate risks. #Langflow #RCE #USA link: https://t.co/r4bcXK53YG https://t.co/8c3G7VjC0x

    @TweetThreatNews

    6 May 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. CVSS 9.8 Alert 🚨 CVE-2025-3248 has been identified in Langflow, a tool used for building applications with Large Language Models (LLMs). This vulnerability, a "Missing Authentication Vulnerability" in the /api/v1/validate/code endpoint, allows remote, unauthenticated attackers

    @cytexsmb

    6 May 2025

    104 Impressions

    0 Retweets

    3 Likes

    1 Bookmark

    0 Replies

    2 Quotes

  29. RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248) https://t.co/7sMDybMdad #HelpNetSecurity #Cybersecurity https://t.co/9ua2lOCyU5

    @PoseidonTPA

    6 May 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. 🚨 CVE Alert: Langflow Missing Authentication Vulnerability Exploited In The Wild 🚨 Vulnerability Details: CVE-2025-3248 (CVSS v3 9.8/10) Langflow Missing Authentication Vulnerability Impact: A successful exploit may allow a remote, unauthenticated attacker to execute htt

    @CyberxtronTech

    6 May 2025

    56 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. 📌 Critical security flaw in open-source platform Langflow added to CISA's KEV catalog due to active exploitation. Vulnerability CVE-2025-3248 scores 9.8/10.0. #CyberSecurity #Langflow https://t.co/4rg2Wx34Km https://t.co/gOUXV3DxDu

    @CyberHub_blog

    6 May 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 📌 A severe security vulnerability affecting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities (KEV) list by the US Cybersecurity and Infrastructure Security Agency (CISA), due to the

    @Cybercachear

    6 May 2025

    60 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  33. 🛑 Critical Langflow Flaw Actively Exploited! CISA has added CVE-2025-3248 to its Known Exploited Vulnerabilities list. • CVSS: 9.8 • Affects most Langflow versions • Allows remote code execution without login • PoC exploit published April 9 • 466 servers exposed wo

    @TheHackersNews

    6 May 2025

    12530 Impressions

    25 Retweets

    50 Likes

    7 Bookmarks

    2 Replies

    1 Quote

  34. 🗣️ Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248 https://t.co/dh5J1HWano

    @fridaysecurity

    5 May 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-3248 #Langflow Missing Authentication Vulnerability https://t.co/FDyDqGXhWP

    @ScyScan

    5 May 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. 🛡️ We added a Langflow missing authentication vulnerability CVE-2025-3248 to our Known Exploited Vulnerabilities Catalog. Visit Redirect to https://t.co/bJOgGeWmb8 & apply mitigations to protect your org from cyberattacks. https://t.co/yuLD3FJm8y

    @CISACyber

    5 May 2025

    808 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    1 Quote

  37. 『The issue resides in the platform’s /api/v1/validate/code endpoint, which improperly invokes Python’s built-in exec() function on user-supplied code without authentication or sandboxing.』 CVE-2025-3248: RCE vulnerability in Langflow https://t.co/CpWbbJaAnO

    @autumn_good_35

    24 Apr 2025

    467 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  38. Critical RCE flaw (CVE-2025-3248) hits Langflow, allowing unauthenticated attackers to execute arbitrary code. Patch to v1.3.0 now! This follows the recent PyTorch vuln, signaling major RCE risks in AI tools. 🛡️ #Cybersecurity #Langflow #AI https://t.co/HzhqmhaYMe

    @_F2po_

    23 Apr 2025

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. CVE-2025-3248 is a vulnerability that allows attackers to perform remote code execution by exploiting Langflow’s API endpoint. Mitigate this vulnerability immediately by updating to version 1.3.0. Learn more here: https://t.co/4d2zWD7xVI https://t.co/piYN2T9fUc

    @Threatlabz

    23 Apr 2025

    30 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  40. Metasploit has announced its latest update. The new "PIPE_FETCH" option greatly reduces the command size of fetch payloads. RCE modules for BentoML (CVE-2025-27520) and Langflow (CVE-2025-3248) have been added. Feature enhancements and bug fixes for various modules were also made. https://t.co/URXHp3fibR

    @01ra66it

    19 Apr 2025

    2463 Impressions

    6 Retweets

    48 Likes

    9 Bookmarks

    1 Reply

    0 Quotes

  41. 🚨 AI devs, CVE-2025-3248 is a NIGHTMARE! 😱 Hackers can OWN your Langflow server w/ ZERO auth—CVSS 9.8 critical! Exploits are LIVE on TOR. Don’t let your AI workflows get pwned. 🛡️ Click for the ultimate guide to patch & protect + real PoCs. Be the hero who locks it do

    @Squid_Sec

    16 Apr 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. Top 5 Trending CVEs: 1 - CVE-2021-35587 2 - CVE-2025-30406 3 - CVE-2023-43622 4 - CVE-2025-24813 5 - CVE-2025-3248 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    13 Apr 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. Hello. Today's 1day1line is CVE-2025-3248. https://t.co/BrsOFHQOpU A code injection vulnerability was discovered in LangFlow, an AI agent build and deployment tool. It seems to be a vulnerability that must be considered in the structure that executes the code created by LLM.

    @hackyboiz

    13 Apr 2025

    910 Impressions

    4 Retweets

    18 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  44. New post from https://t.co/uXvPWJy6tj (Exploit Attempts for Recent Langflow AI Vulnerability (CVE-2025-3248), (Sat, Apr 12th)) has been published on https://t.co/Ks75lZZEqe https://t.co/mHthKlfdvo

    @WolfgangSesin

    13 Apr 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. Exploit Attempts for Recent Langflow AI Vulnerability (CVE-2025-3248) https://t.co/JF0V9puOft https://t.co/Zq10T16GZG

    @sans_isc

    13 Apr 2025

    1845 Impressions

    0 Retweets

    3 Likes

    2 Bookmarks

    1 Reply

    1 Quote

  46. A serious vulnerability (CVE-2025-3248) has been reported in Langflow, a Python web application, allowing remote execution of arbitrary code without authentication via the /api/v1/validate/code endpoint. Attackers can steal environment variables and system information, and in the worst case the server could be completely taken over.

    @yousukezan

    11 Apr 2025

    1888 Impressions

    4 Retweets

    9 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  47. 🚨 CVE-2025-3248 - critical 🚨 Langflow AI - Unauthenticated Remote Code Execution > Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/val... 👾 https://t.co/T1ebXcxBJj @pdnuclei #NucleiTemplates #cve

    @pdnuclei_bot

    10 Apr 2025

    65 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. CVE-2025-3248: Abusing Python Exec for Unauth RCE in Langflow AI https://t.co/Jti0akPbPu https://t.co/S5sPwJvotT

    @freedomhack101

    10 Apr 2025

    64 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  49. We discovered an interesting code injection vulnerability, CVE-2025-3248, affecting #Langflow, a popular agentic AI workflow tool. This enables unauthenticated attackers to fully compromise Langflow servers. https://t.co/o3YQ3fE4XR

    @Horizon3Attack

    9 Apr 2025

    4307 Impressions

    31 Retweets

    58 Likes

    27 Bookmarks

    0 Replies

    1 Quote

  50. #CVE-2025-3248 #DeepSeek While reproducing LangFlow's code execution vulnerability, I handed the vulnerable code straight to DeepSeek; it successfully constructed exploit code and could even help build a PoC with echoed output. 👍👍 https://t.co/IAz2Zo8bVu https://t.co/Mblnkwubrk

    @_r00tuser

    9 Apr 2025

    6118 Impressions

    5 Retweets

    33 Likes

    18 Bookmarks

    2 Replies

    3 Quotes

Configurations