Cyber Resilience

CVE-2026-42048

CriticalPublic PoC

Published: 12 May 2026

Published
12 May 2026
Modified
14 May 2026
KEV Added
Patch
CVSS Score v3.1 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
EPSS Score 0.0442 90.2th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2026-42048 is a critical-severity Path Traversal (CWE-22) vulnerability in Langflow Langflow. Its CVSS base score is 9.6 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 9.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as LLM Application Platforms; in the Supply Chain and Deployment risk domain.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API (DELETE /api/v1/knowledge_bases). This occurs because user-supplied knowledge base names are concatenated directly into file…

more

paths without proper sanitization or boundary validation. An authenticated attacker can exploit this flaw to delete arbitrary directories anywhere on the server's filesystem, leading to data loss and potential service disruption. This vulnerability is fixed in 1.9.0.

CWE(s)

AI Security AnalysisAI

AI Category
LLM Application Platforms
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ai, langflow

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1485 Data Destruction Impact
Adversaries may destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources.
Why these techniques?

Path traversal in exposed API (DELETE) directly enables arbitrary directory deletion, mapping to public app exploitation and data destruction.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-7524Same product: Langflow Langflow
CVE-2026-33497Same product: Langflow Langflow
CVE-2026-33309Same product: Langflow Langflow
CVE-2026-21445Same product: Langflow Langflow
CVE-2026-33017Same product: Langflow Langflow
CVE-2026-0770Same product: Langflow Langflow
CVE-2026-33484Same product: Langflow Langflow
CVE-2026-33873Same product: Langflow Langflow
CVE-2026-27966Same product: Langflow Langflow
CVE-2025-34291Same product: Langflow Langflow

Affected Assets

langflow
langflow
≤ 1.9.0

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

References