
Langflow missing-authentication code-injection flaw (CVE-2026-33017)

Vulnerability · H score 61 · 2 unique sources, 2 articles

Summary


Langflow's CVE-2026-33017 was actively exploited within 20 hours of the advisory becoming public, exposing unpatched internet-facing servers to unauthenticated remote code execution. The flaw combines a missing authentication check on the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint with attacker-controlled flow data that reaches exec(). All Langflow versions up to and including 1.8.1 are affected; 1.9.0.dev8 is identified as the addressed build. Observed abuse moved quickly from scanning to custom Python scripts, with keys and credentials exfiltrated and follow-on activity tied to 173.212.205[.]251:8443.
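The summary gives an operator three concrete things to check: whether the running build is below the addressed one, whether the unauthenticated endpoint has been POSTed to, and whether anything has talked to the staging host. The script below is an added example written for this page, not Langflow's code and not from the Sysdig or Endor Labs reports. It uses only the facts stated above (endpoint path, affected range, addressed build 1.9.0.dev8, staging host and port); the combined-style access-log format, the connection-log format and every sample line are constructed for illustration. The version comparison deliberately handles dev builds, since 1.9.0.dev8 sorts above 1.8.1 but below 1.9.0 and a naive string compare gets that wrong.

```python
"""Triage helpers for CVE-2026-33017 (Langflow). Added example, not project code."""
import re
from typing import Dict, List

ADDRESSED_BUILD = "1.9.0.dev8"          # from the Langflow advisory
VULN_PATH = re.compile(r"^/api/v1/build_public_tmp/[^/]+/flow/?$")
IOC_HOST = "173.212.205.251"            # staging host reported by Sysdig
IOC_PORT = 8443

# PEP 440-style subset: release digits plus an optional dev/a/b/rc suffix.
_VERSION_RE = re.compile(r"^v?(\d+(?:\.\d+)*)(?:\.?(dev|a|b|rc)(\d+))?$")
_PRE_RANK = {"dev": 0, "a": 1, "b": 2, "rc": 3}


def version_key(v: str) -> tuple:
    """Sort key such that 1.8.1 < 1.9.0.dev7 < 1.9.0.dev8 < 1.9.0.
    Unrecognised strings raise so a typo can never read as 'fixed'."""
    m = _VERSION_RE.match(v.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    release = tuple(int(p) for p in m.group(1).split("."))
    release += (0,) * (4 - len(release))          # 1.9 == 1.9.0.0
    pre = (_PRE_RANK[m.group(2)], int(m.group(3))) if m.group(2) else (9, 0)
    return release + pre                          # final release outranks any pre-release


def is_vulnerable(version: str) -> bool:
    """Any build below the addressed build: all of <= 1.8.1 plus 1.9.0 dev builds before dev8."""
    return version_key(version) < version_key(ADDRESSED_BUILD)


# Constructed combined-style access-log layout: src ident user [ts] "METHOD path proto" status size
_ACCESS_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def find_build_public_hits(lines: List[str]) -> List[Dict]:
    """Return every POST to the unauthenticated build_public_tmp endpoint (query string ignored)."""
    hits = []
    for line in lines:
        m = _ACCESS_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]
        if m.group("method") == "POST" and VULN_PATH.match(path):
            hits.append({"src": m.group("src"), "ts": m.group("ts"),
                         "path": path, "status": int(m.group("status"))})
    return hits


# Matches the host in dotted or defanged ("[.]") form followed closely by the port.
_IOC_RE = re.compile(
    re.escape(IOC_HOST).replace(r"\.", r"(?:\.|\[\.\])") + r"\D{1,12}" + str(IOC_PORT) + r"\b"
)


def find_ioc_connections(lines: List[str]) -> List[str]:
    """Return connection-log lines that reference the staging host and port."""
    return [line for line in lines if _IOC_RE.search(line)]


def triage(version: str, access_lines: List[str], conn_lines: List[str]) -> Dict:
    return {
        "vulnerable_version": is_vulnerable(version),
        "build_public_posts": find_build_public_hits(access_lines),
        "ioc_connections": find_ioc_connections(conn_lines),
    }


# Constructed sample input (not real traffic); 198.51.100.0/24 is a documentation range.
SAMPLE_ACCESS_LOG = [
    '198.51.100.23 - - [19/Mar/2026:13:05:41 +0000] "GET /api/v1/flows HTTP/1.1" 401 0',
    '198.51.100.23 - - [19/Mar/2026:13:05:42 +0000] "POST /api/v1/build_public_tmp/0b4f-demo/flow HTTP/1.1" 200 812',
    '10.0.0.7 - - [19/Mar/2026:13:06:01 +0000] "GET /api/v1/build_public_tmp/0b4f-demo/flow HTTP/1.1" 405 0',
    '198.51.100.23 - - [19/Mar/2026:13:06:10 +0000] "POST /api/v1/build_public_tmp/0b4f-demo/flow?stream=false HTTP/1.1" 500 77',
]
SAMPLE_CONN_LOG = [
    "2026-03-19T13:06:12Z proto=tcp src=10.0.0.7 dst=173.212.205.251 dport=8443 bytes=4096",
    "2026-03-19T13:06:30Z proto=tcp src=10.0.0.7 dst=140.82.112.4 dport=443 bytes=1024",
]

if __name__ == "__main__":
    for v in ("1.8.1", "1.9.0.dev7", "1.9.0.dev8", "1.9.0"):
        print(f"{v:12} vulnerable={is_vulnerable(v)}")
    print(triage("1.8.1", SAMPLE_ACCESS_LOG, SAMPLE_CONN_LOG))
```

A 500 on the endpoint is still a hit: an exploit attempt that errored in exec() leaves the same request line as one that succeeded, so filter on path and method, not on status. Run this against the real access log of any Langflow host that was reachable before the upgrade, not only the current one.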


Related Happenings

CISA KEV remediation deadline for Langflow

Public Sector Action
First: 26.03.2026 21:17 Last: 26.03.2026 21:17 Sources 1

How related: CISA did not mark the flaw as exploited by ransomware actors, but gave federal agencies until April 8 to apply the security updates or mitigations, or stop using the product.

About this happening: CISA added **CVE-2026-33017** to the **Known Exploited Vulnerabilities** list and ordered **federal agencies** to patch, mitigate, or stop using **Langflow** by **April 8, 2026**....

Langflow CVE-2026-33017 exploitation wave

Exploitation Wave
First: 20.03.2026 12:20 Last: 20.03.2026 12:20 Sources 1

How related: Researchers at application security company Endor Labs claim that hackers started exploiting CVE-2026-33017 on March 19, about 20 hours after the vulnerability advisory became public.

About this happening: **CVE-2026-33017** in **Langflow** is being exploited in a fast-moving **early wave** that surfaced within **20 hours** of the advisory, putting exposed instances at immediate ris...

CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551

Public Sector Action
First: 04.02.2026 07:50 Last: 04.02.2026 07:50 Sources 1

About this happening: **CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...

Notepad++ hit by network compromise

Incident
First: 03.02.2026 06:55 Last: 03.02.2026 06:55 Sources 1

About this happening: The **Notepad++** hosting breach enabled attackers to hijack the software update path and selectively redirect some users to **malicious servers**, creating a **supply-chain** ris...

Latest development: 18.02.2026 09:40

Notepad++ released version 8.9.2 to harden the update mechanism after the hijacked update path was used to deliver targeted malware. The release adds a "double lock" design with verification of the signed installer downloaded from GitHub and verification of the signed XML returned by the update server at notepad-plus-plus[.]org, and it also introduces WinGUp hardening including removal of libcurl.dll, removal of CURLSSLOPT_ALLOW_BEAST and CURLSSLOPT_NO_REVOKE, and restriction of plugin management execution to programs signed with the same certificate as WinGUp.

Timeline

  1. 20.03.2026 17:15 · 1 article

    Langflow discloses CVE-2026-33017 in an advisory

    Technical Analysis Update

    Langflow publicly describes CVE-2026-33017 on March 17, 2026, saying the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication and can pass attacker-controlled flow data to exec(), with all versions prior to and including 1.8.1 affected and 1.9.0.dev8 identified as the addressed build.

  2. 20.03.2026 17:15 · 3 articles

    Sysdig observes early exploitation of CVE-2026-33017

    Exploitation Observed

    Sysdig reports first exploitation attempts against CVE-2026-33017, saying attackers built working exploits directly from the advisory without public PoC code, moved from scanning to custom Python scripts, exfiltrated keys and credentials, and used 173.212.205[.]251:8443 to stage next-stage payloads.
