CVE-2026-55450
Analyzed Analyzed - Analysis Complete

Unauthenticated File Upload in Langflow Leading to DoS

Vulnerability report for CVE-2026-55450, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-23

Last updated on: 2026-06-24

Assigner: GitHub, Inc.

Description

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the server. In addition, in the response, the absolute path of the uploaded file is reported to the attacker, which is an information leak that can assist in chaining other primitives. This vulnerability is fixed in 1.9.1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-23
Last Modified
2026-06-24
Generated
2026-07-14
AI Q&A
2026-06-23
EPSS Evaluated
2026-07-12
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
langflow langflow to 1.9.1 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Langflow AI platform prior to version 1.9.1, where an unauthenticated and deprecated API endpoint allowed anyone with network access to upload arbitrary files to the server without any restrictions.

Specifically, the POST /api/v1/upload/{flow_id} endpoint lacked authentication and authorization checks, enabling attackers to write files into a flow's cache folder by guessing flow IDs.

Although filenames were hashed to prevent direct data exfiltration, attackers could still misuse this to fill disk space (causing denial-of-service) or overwrite other users' cache files.

Additionally, the server response leaked the absolute path of the uploaded file, which is an information disclosure that could help attackers chain further exploits.

The vulnerability was fixed in version 1.9.1 by adding authentication, flow ownership checks, and file size limits to the endpoint.

Impact Analysis

This vulnerability can impact you by allowing attackers to exhaust the server's disk space through unlimited file uploads, leading to a denial-of-service (DoS) condition where the server becomes unavailable or unstable.

Attackers can also overwrite cache files belonging to other users, potentially causing data corruption or unexpected behavior.

Furthermore, the disclosure of absolute file paths in server responses leaks sensitive information about the server's filesystem structure, which can aid attackers in crafting more targeted attacks.

Detection Guidance

This vulnerability can be detected by checking if the deprecated endpoint POST /api/v1/upload/{flow_id} is accessible without authentication on your Langflow server.

You can attempt to send an unauthenticated POST request to this endpoint with a test file upload and observe if the server accepts the upload and returns the absolute path of the uploaded file.

Example command using curl to test the vulnerability:

If the upload succeeds without authentication and the response contains the absolute path of the uploaded file, the system is vulnerable.

Mitigation Strategies

To mitigate this vulnerability immediately, upgrade Langflow to version 1.9.1 or later, where the issue is fixed by enforcing authentication, flow ownership checks, and file size limits on the upload endpoint.

If upgrading immediately is not possible, restrict network access to the vulnerable endpoint to trusted users only, for example by firewall rules or network segmentation.

Additionally, monitor disk usage closely to detect any unusual space exhaustion that could indicate exploitation attempts.

Compliance Impact

The vulnerability allows unauthenticated users to upload unlimited data to the Langflow server, potentially causing denial-of-service through disk space exhaustion and leaking absolute file paths. This information leak and resource exhaustion could impact compliance with standards like GDPR and HIPAA, which require protection of sensitive data and system availability.

Specifically, the exposure of absolute file paths constitutes an information disclosure risk, which may violate data protection requirements under these regulations. Additionally, the risk of denial-of-service could affect system availability, a key aspect of operational security controls mandated by such standards.

However, the provided context and resources do not explicitly discuss compliance impacts or regulatory considerations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-55450. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart