HIGH 8.8 PyPI
Langflow remote code execution vulnerability
GHSA-qg33-x2c5-6p44 · CVE-2024-37014 · PYSEC-2024-177
Published · Modified
Description
Langflow allows remote code execution if untrusted users are able to reach the "POST /api/v1/custom_component" endpoint and provide a Python script.
Ready to move
Start Securing
Free, no credit card | First findings in minutes