The langflow-ai langflow product up to version 1.8.3 contains multiple vulnerabilities that affect both frontend and backend components.

🚨 EUVD-2026-23760 📊 Score: 5.3/10 (CVSS v3.1) 📦 Product: langflow, langflow, langflow (+1 more) 🏢 Vendor: langflow-ai 📅 Updated: 2026-04-20 📝 A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the compo... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23760 #cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-23762 📊 Score: 5.3/10 (CVSS v3.1) 📦 Product: langflow, langflow, langflow (+1 more) 🏢 Vendor: langflow-ai 📅 Updated: 2026-04-20 📝 A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/install_mcp_config of the file src/backend/base/langflow/api/v1/mcp_projects.py of the component Model Con... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23762 #cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-23764 📊 Score: 5.1/10 (CVSS v3.1) 📦 Product: langflow, langflow, langflow (+1 more) 🏢 Vendor: langflow-ai 📅 Updated: 2026-04-20 📝 A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx of the component Frontend R... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23764 #cybersecurity #infosec #euvd #cve #vulnerability