CVE-2025-3248
Langflow < 1.3.0 Unauthenticated RCE via /api/v1/validate/code
CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
| CWE | CWE-306 |
| Vendor | langflow-ai |
| Product | langflow |
| Published | Apr 7, 2025 |
| Last Updated | Nov 29, 2025 |
โ ๏ธ Actively Exploited โ Act Now
Get instant alerts for langflow-ai langflow
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2025-3248.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected Versions
langflow-ai / langflow
0 < 1.3.0
References
github.com: https://github.com/langflow-ai/langflow/pull/6911 github.com: https://github.com/langflow-ai/langflow/releases/tag/1.3.0 horizon3.ai: https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/ vulncheck.com: https://www.vulncheck.com/advisories/langflow-unauthenticated-rce cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-3248
Credits
Naveen Sunkavally of Horizon3.ai