{"id":227993,"date":"2026-03-26T15:17:00","date_gmt":"2026-03-26T19:17:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/26\/new-langflow-flaw-actively-exploited-to-hijack-ai-workflows\/"},"modified":"2026-03-26T20:45:14","modified_gmt":"2026-03-27T00:45:14","slug":"new-langflow-flaw-actively-exploited-to-hijack-ai-workflows","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/26\/new-langflow-flaw-actively-exploited-to-hijack-ai-workflows\/","title":{"rendered":"New Langflow flaw actively exploited to hijack AI workflows"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-new-langflow-flaw-actively-exploited-to-hijack-ai-workflows\/\">New Langflow flaw actively exploited to hijack AI workflows<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-new-langflow-flaw-actively-exploited-to-hijack-ai-workflows\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-new-langflow-flaw-actively-exploited-to-hijack-ai-workflows\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-26 15:17:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as\u00a0CVE-2026-33017, which affects the Langflow\u00a0framework for building AI agents.<\/p>\n<p>The security issue received a critical score of 9.3 out of 10 and can be leveraged for remote code execution, allowing threat actors to\u00a0build public flows without authentication.<\/p>\n<p>The agency\u00a0added the issue to the list of Known Exploited Vulnerabilities, describing it as a code injection vulnerability.<\/p>\n<p>Researchers at application security company Endor Labs claim that hackers started exploiting\u00a0CVE-2026-33017 on March 19, about 20 
hours\u00a0after the vulnerability advisory became public.<\/p>\n<p>No public proof-of-concept (PoC) exploit code\u00a0existed at the time, and Endor Labs believes that attackers built exploits directly from the information included in the advisory.<\/p>\n<p>Automated scanning activity began in 20 hours, followed by exploitation using Python scripts in 21 hours, and harvesting of data (.env and .db files) in 24 hours.<\/p>\n<p>Langflow is a popular\u00a0open-source visual framework for building AI workflows with 145,000 stars on\u00a0GitHub. It provides a\u00a0drag-and-drop interface for connecting nodes into executable pipelines, along with a REST API for running them programmatically.<\/p>\n<p>The tool has widespread adoption across the AI development ecosystem, making it an attractive target for hackers.<\/p>\n<p>In May 2025, CISA issued another warning about active exploitation in Langflow, targeting CVE-2025-3248, a critical API endpoint flaw that allows unauthenticated RCE and potentially leads to full server control.<\/p>\n<p>The most recent flaw, CVE-2026-33017, lets attackers execute arbitrary Python code, impacts versions 1.8.1 and earlier of Langflow, and could be exploited via a single crafted HTTP request due to unsandboxed flow execution.<\/p>\n<p>CISA did not mark the flaw as exploited by ransomware actors, but gave federal agencies until April 8\u00a0to apply the&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-new-langflow-flaw-actively-exploited-to-hijack-ai-workflows\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>New Langflow flaw actively exploited to hijack AI workflows https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-new-langflow-flaw-actively-exploited-to-hijack-ai-workflows\/ Publish Date: 2026-03-26 15:17:00 
Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":227994,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2025\/01\/13\/CISA-headpic.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,27],"class_list":["post-227993","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227993"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=227993"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227993\/revisions"}],"predecessor-version":[{"id":227995,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227993\/revisions\/227995"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/227994"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=227993"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=227993"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=227993"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}