Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Langflow security patch release for CVE-2026-5027

Security Patch Release
First reported
Last updated
Happening score
H score 38
1 unique sources, 1 articles

Summary

Hide ▲

Langflow shipped fixes for CVE-2026-5027, closing a path traversal flaw that let attackers write arbitrary files on exposed servers. The patch landed in langflow-base 0.8.3 and Langflow 1.9.0. The release matters because the vulnerable upload path was already being used in active exploitation.

Related Happenings

Ivanti security patch release for CVE-2026-8043

Security Patch Release
H score25 First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Open Happening

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
H score49 First: 11.05.2026 17:30 Last: 11.05.2026 17:30 Sources 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Open Happening

CPanel security patch release for CVE-2026-29201

Security Patch Release
H score46 First: 09.05.2026 10:16 Last: 09.05.2026 10:16 Sources 1

About this happening: **cPanel** released updates for **cPanel and Web Host Manager (WHM)** to fix **three vulnerabilities** that could enable **privilege escalation**, **code execution**, or **denial-...

Open Happening

Linux kernel security update for Copy Fail (CVE-2026-31431)

Security Patch Release
H score53 First: 30.04.2026 16:54 Last: 30.04.2026 16:54 Sources 1

About this happening: **Linux kernel** maintainers have fixed **CVE-2026-31431** and are rolling out updates to close a **local privilege escalation** flaw that lets an unprivileged attacker gain **roo...

Open Happening

Progress security patch release for CVE-2026-2699

Security Patch Release
H score27 First: 02.04.2026 16:33 Last: 02.04.2026 16:33 Sources 1

About this happening: **Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...

Open Happening

Timeline

  1. 30.03.2026 03:00 2 articles · 2mo ago

    Langflow and langflow-base ship fixes for CVE-2026-5027

    Mitigation Patch Update

    Langflow and the langflow-base package received fixes for CVE-2026-5027, a path traversal flaw in the POST /api/v2/files upload path that allowed arbitrary file writes through unsanitized filename values. The affected releases were langflow-base 0.8.3 and Langflow 1.9.0.

    Show sources
    Open in new tab