Compliance Impact

The vulnerability allows an authenticated attacker to execute flows belonging to other users by bypassing ownership checks, potentially exposing sensitive data or allowing unauthorized actions on behalf of other users.

Such unauthorized access and execution of another user's data or workflows can lead to violations of data protection regulations like GDPR and HIPAA, which mandate strict controls over access to personal and sensitive information.

Because the flaw impacts confidentiality and integrity with a high severity score (CVSS 9.9), it poses a significant risk to compliance by enabling data breaches or unauthorized data processing.

Useful 0 Not Useful 0

Executive Summary

CVE-2026-55255 is a critical Insecure Direct Object Reference (IDOR) vulnerability in the Langflow application affecting versions prior to 1.9.1. It exists in the /api/v1/responses endpoint, where an authenticated attacker can specify another user's flow ID to execute that user's flow without proper authorization.

The root cause is a helper function, get_flow_by_id_or_endpoint_name, which fails to verify ownership of the flow when queried by UUID, allowing direct access to flows belonging to other users.

This flaw allows attackers to execute arbitrary flows of other users, potentially accessing sensitive data or consuming resources that do not belong to them.

The vulnerability was fixed in Langflow version 1.9.1 by enforcing ownership checks and adding additional security measures.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can have severe impacts including unauthorized execution of other users' flows, which may lead to exposure of sensitive data or unauthorized use of system resources.

Because the attacker can execute arbitrary flows belonging to other users, they might gain access to confidential information or disrupt normal operations by consuming resources.

The vulnerability has a high severity score (CVSS 9.9), indicating it is easy to exploit remotely with significant impact on confidentiality, integrity, and availability.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by monitoring and analyzing requests to the /api/v1/responses endpoint for suspicious activity where an authenticated user attempts to execute flows using flow IDs that do not belong to them.

Specifically, detection involves checking for POST requests to /api/v1/responses where the 'model' field contains UUIDs of flows owned by other users.

Commands to detect such activity could include inspecting web server or application logs for these patterns. For example, using grep on logs to find POST requests to the vulnerable endpoint:

• grep 'POST /api/v1/responses' /path/to/langflow/access.log
• grep -E 'model=[a-f0-9\-]{36}' /path/to/langflow/access.log

Additionally, monitoring for unusual flow execution patterns or unexpected resource consumption by users may indicate exploitation attempts.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate and most effective mitigation is to upgrade Langflow to version 1.9.2 or later, where the vulnerability has been fixed by enforcing ownership checks on flow execution.

If upgrading immediately is not possible, restrict access to the /api/v1/responses endpoint to trusted users only and monitor for suspicious activity as a temporary measure.

Additionally, review API keys and authentication tokens to ensure they are not compromised or overly permissive.

Implement network-level controls such as firewall rules or API gateway policies to limit access to the vulnerable endpoint.

Useful 0 Not Useful 0