CVE-2026-6596
Unrestricted File Upload in Langflow API Enables Remote Attack
Publication date: 2026-04-20
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| langflow-ai | langflow | to 1.1.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a security flaw in the langflow-ai langflow software up to version 1.1.0. It affects the function create_upload_file located in the file src/backend/base/Langflow/api/v1/endpoints.py within the API Endpoint component. The flaw allows unrestricted file uploads, meaning an attacker can upload files without proper restrictions or validation.
The vulnerability can be exploited remotely, and the exploit code has already been made public. The vendor was informed early but did not respond.
How can this vulnerability impact me? :
This vulnerability can have significant impacts because it allows an attacker to upload arbitrary files to the system without restriction. This could lead to unauthorized code execution, data compromise, or system takeover depending on the nature of the uploaded files.
Since the attack can be launched remotely and requires no authentication, it increases the risk of exploitation and potential damage.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthenticated arbitrary file uploads to the server, which can lead to Denial of Service (DoS) and hosting of potentially malicious files. This lack of access control and authentication on a critical API endpoint can result in unauthorized data manipulation and resource exhaustion.
Such security weaknesses may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of data integrity, availability, and confidentiality. Specifically, the ability for attackers to upload files without authentication could lead to unauthorized data exposure or disruption of services, violating requirements for secure access controls and system availability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the deprecated API endpoint `/api/v1/upload/{flow_id}` for unauthenticated file upload capability.
A practical detection method is to attempt uploading a file to this endpoint without authentication and observe if the server responds with HTTP 201 Created, indicating successful upload.
For example, you can use a command-line tool like curl to test the upload:
- curl -X POST -F "[email protected]" http://<target-server>/api/v1/upload/<flow_id>
If the response status is 201 Created and includes the file path, the vulnerability is present.
Additionally, monitoring network traffic for POST requests to `/api/v1/upload/` without authentication headers can help detect exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or removing the deprecated and vulnerable `/api/v1/upload/{flow_id}` endpoint to prevent unauthenticated file uploads.
If removal is not immediately possible, restrict access to this endpoint by implementing authentication and ownership verification similar to the newer secure endpoints.
Additionally, monitor disk space and inode usage to detect potential Denial of Service attacks caused by excessive file uploads.
Upgrading Langflow to a version later than 1.1.0 where this vulnerability is patched is strongly recommended.