CVE-2026-33017: Langflow Code Injection Vulnerability. Langflow contains a
Langflow Code Injection Vulnerability. Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication.
- CISA KEV-listed (remediation due 2026-04-08)
- EPSS 24.7% (96.3% percentile)