Critical Langflow RCE Exploited Hours After Disclosure
🚨 Attackers weaponized a critical Langflow remote code execution flaw within hours of disclosure, prompting CISA to add CVE-2026-33017 to its Known Exploited Vulnerabilities catalog. The issue stems from an unauthenticated build_public_tmp API endpoint that accepts workflow data and executes embedded Python code without sandboxing, enabling unauthenticated RCE on versions up to 1.8.2. Langflow released a fix in v1.9.0 and agencies are urged to patch by April 8, 2026.
