CVE-2026-55423
MediumCVSS 6.1Exploitation Probability (EPSS)
Low risk5th percentile — higher than 5% of all known CVEs
Summary
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, the logout button does not clear the session, allowing the previous user to remain logged in unless another user explicitly logs in.
Risk Assessment
Organizations may be exposed to unauthorized access to user data as sessions are not properly terminated upon logout.
Recommendation
It is recommended to upgrade to version 1.7.0 or later to mitigate this vulnerability.
Original NVD description (English source)
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.7.0, the logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. This vulnerability is fixed in 1.7.0.

