CVE Catalog

CVE-2026-48519

CriticalCVSS 9.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.55%

42th percentile — higher than 42% of all known CVEs

Summary

Langflow before version 1.9.2 contains a critical RCE vulnerability in the 'Shareable Playground' feature. Unauthenticated users can execute arbitrary Python code by sending a crafted request to the /api/v1/build_public_tmp endpoint with the field data.nodes[X].data.node.template.code.value.

Risk Assessment

An attacker can remotely execute arbitrary code on the server, leading to full compromise of the application and potentially the entire IT environment of the organization.

Recommendation

Immediately upgrade Langflow to version 1.9.2 or later. If upgrading is not possible, disable the 'Shareable Playground' feature and block access to the /api/v1/build_public_tmp endpoint.

Original NVD description (English source)

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, the "Shareable Playground" (or "Public Flows" in code) contains a critical RCE vulnerability. Shareable Playground feature works by enabling the execution of workflows by unauthenticated users, by accessing a link. Specifically, it enables the route /api/v1/build_public_tmp to execute any public flow, given a public flow ID. When the route executes the flow, it allows for providing arbitrary custom Python code as the nodes code, inside the JSON payload. The vulnerable field is data.nodes[X].data.node.template.code.value. This vulnerability is fixed in 1.9.2.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS