Langflow CVE-2026-33017 exploitation wave
Exploitation Wave
Summary
Hide ▲
Show ▼
CVE-2026-33017 in Langflow is being exploited in a wider exploitation wave that now includes Monero miner delivery against exposed AI application endpoints. The activity uses an unauthenticated RCE to run attacker-supplied Python, pull a shell script, drop lambsys and XMRig, kill competing miners, disable defenses, and persist through cron and SSH. The campaign was observed over 19 days from March 27 to April 15, 2026, showing continued abuse of exposed Langflow instances for initial access and cryptojacking.
Cases
Related Happenings
Lambsys custom XMRig miner activity on SSH-reachable hosts
Malware Activity
H score34
First: 30.06.2026 18:47
Last: 30.06.2026 18:47
Sources 1
How related:
Subsequently, it downloads the binary on the machine using curl or wget, launches it as a detached process, and spreads itself to every SSH-reachable host the victim can authenticate to.
About this happening:
The **lambsys** malware is now being used to deploy a **custom XMRig miner** and spread to **SSH-reachable hosts**, turning compromised systems into persistent cryptomining infras...
Lambsys custom XMRig miner activity on SSH-reachable hosts
Malware ActivityHow related: Subsequently, it downloads the binary on the machine using curl or wget, launches it as a detached process, and spreads itself to every SSH-reachable host the victim can authenticate to.
About this happening: The **lambsys** malware is now being used to deploy a **custom XMRig miner** and spread to **SSH-reachable hosts**, turning compromised systems into persistent cryptomining infras...
Palo Alto Networks GlobalProtect log search guidance for CVE-2026-0257
Advisory/Mitigation
H score35
First: 15.06.2026 09:17
Last: 15.06.2026 09:17
Sources 1
About this happening:
Palo Alto Networks is urging **GlobalProtect** customers to search logs for **successful gateway-connected events** tied to **CVE-2026-0257**, a step that can expose possible unau...
Palo Alto Networks GlobalProtect log search guidance for CVE-2026-0257
Advisory/MitigationAbout this happening: Palo Alto Networks is urging **GlobalProtect** customers to search logs for **successful gateway-connected events** tied to **CVE-2026-0257**, a step that can expose possible unau...
Langflow security patch release for CVE-2026-5027
Security Patch Release
H score38
First: 11.06.2026 00:23
Last: 11.06.2026 00:23
Sources 1
About this happening:
**Langflow** shipped fixes for **CVE-2026-5027**, closing a **path traversal** flaw that let attackers write arbitrary files on exposed servers. The patch landed in **langflow-bas...
Langflow security patch release for CVE-2026-5027
Security Patch ReleaseAbout this happening: **Langflow** shipped fixes for **CVE-2026-5027**, closing a **path traversal** flaw that let attackers write arbitrary files on exposed servers. The patch landed in **langflow-bas...
Langflow path traversal flaw (CVE-2026-5027)
Vulnerability
H score33
First: 10.06.2026 18:00
Last: 10.06.2026 18:00
Sources 1
About this happening:
**Langflow**'s **CVE-2026-5027** is an **unpatched path traversal** vulnerability that is being **actively exploited** in the wild. The flaw lets an attacker write files to arbitr...
Langflow path traversal flaw (CVE-2026-5027)
VulnerabilityAbout this happening: **Langflow**'s **CVE-2026-5027** is an **unpatched path traversal** vulnerability that is being **actively exploited** in the wild. The flaw lets an attacker write files to arbitr...
AI-driven worm reasons at runtime and self-replicates across a 33-host test network
Technical Analysis
H score40
First: 09.06.2026 14:59
Last: 09.06.2026 14:59
Sources 1
About this happening:
Researchers demonstrated a **proof-of-concept AI-driven worm** that reasons at runtime and self-replicates, showing adaptive host-to-host spread across a **33-host** vulnerable te...
AI-driven worm reasons at runtime and self-replicates across a 33-host test network
Technical AnalysisAbout this happening: Researchers demonstrated a **proof-of-concept AI-driven worm** that reasons at runtime and self-replicates, showing adaptive host-to-host spread across a **33-host** vulnerable te...
Timeline
-
20.03.2026 12:20 1 articles · 3mo ago
March 17 advisory discloses CVE-2026-33017 in Langflow
Initial DisclosureA March 17 advisory disclosed CVE-2026-33017 in Langflow, an unauthenticated remote code execution flaw with CVSS 9.3 that lets attackers execute arbitrary Python code on exposed instances with a single HTTP request and no credentials.
Show sources
- Hackers Exploit Critical Langflow Bug in Just 20 Hours — www.infosecurity-magazine.com — 20.03.2026 12:20
-
20.03.2026 12:20 4 articles · 3mo ago
Observed exploit activity against exposed Langflow instances
Exploitation ObservedSysdig reported on March 20 that honeypots saw threat actors build working exploits directly from the advisory description, scan exposed Langflow instances from four source IPs using the same payload, and use custom Python exploit scripts delivered via a stage-2 dropper to harvest databases, API keys, cloud credentials, and configuration files.
Show sources
- Hackers Exploit Critical Langflow Bug in Just 20 Hours — www.infosecurity-magazine.com — 20.03.2026 12:20
- Hackers Exploit Critical Langflow Bug in Just 20 Hours — www.infosecurity-magazine.com — 20.03.2026 12:20
- CISA: New Langflow flaw actively exploited to hijack AI workflows — www.bleepingcomputer.com — 26.03.2026 21:17
- Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints — thehackernews.com — 30.06.2026 18:47