CVE-2026-6600
Cross-Site Scripting in Langflow React Frontend Component

Publication date: 2026-04-20

Last updated on: 2026-04-29

Assigner: VulDB

Description
A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx of the component Frontend React Component Rendering. Executing a manipulation can lead to cross-site scripting. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published
2026-04-20
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2026-04-20
EPSS Evaluated
2026-05-05
Affected Vendors & Products
Vendor: langflow-ai
Product: langflow
Version / Range: up to 1.8.3 (inclusive)
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include avoiding the use of vulnerable versions of langflow up to 1.7.3 and upgrading to a fixed version where proper sanitization is implemented.

As a temporary workaround, restrict access to the Langflow frontend to trusted users only, since the exploit requires authenticated user interaction.

Additionally, monitor and sanitize any user-generated content before rendering, or disable raw HTML rendering features such as the rehype-raw plugin until a patch is applied.


Can you explain this vulnerability to me?

This vulnerability is a flaw found in the langflow-ai langflow software up to version 1.8.3, specifically in a frontend React component related to message editing. It allows an attacker to perform cross-site scripting (XSS) by manipulating an unknown function in the specified file. The attack can be launched remotely, and an exploit for this vulnerability has already been published.


How can this vulnerability impact me?

The vulnerability can lead to cross-site scripting attacks, which may allow an attacker to execute malicious scripts in the context of a user's browser. This can result in unauthorized actions, data theft, or session hijacking. Since the attack can be launched remotely and an exploit is publicly available, users of the affected software are at risk if they interact with the vulnerable component.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability is a stored cross-site scripting (XSS) issue that allows attackers to inject malicious scripts which can lead to session hijacking and unauthorized actions on behalf of victims.

Such security weaknesses can impact compliance with common standards and regulations like GDPR and HIPAA because they may lead to unauthorized access to sensitive user data or system functions, violating data protection and privacy requirements.

Specifically, session hijacking and unauthorized API calls could result in exposure or manipulation of personal or protected health information, which is against the mandates of these regulations.

Therefore, failure to remediate this vulnerability could result in non-compliance with these standards due to inadequate protection of user data and insufficient security controls.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by attempting to inject a stored cross-site scripting (XSS) payload into the Langflow frontend, specifically in chat messages or flow descriptions, and observing if the payload executes when viewed.

One method is to manually log into Langflow, send a chat message, then edit the message to include a payload such as <img src=x onerror=alert('attacked!')>. If an alert box appears upon saving or reopening the flow, the vulnerability is present.

Alternatively, automated API exploitation can be performed by sending a request to create a flow with a malicious description containing the XSS payload. For example, using a Python script like `python3 llm-enhance/cve-finding/Injection/rehype_raw_xss_poc.py` can help test for the vulnerability.

