{"data":{"id":"65d195e2-8f57-4f0c-9098-30d8d8b5c6ce","title":"GHSA-qrpv-q767-xqq2: Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow","summary":"Langflow versions before 1.9.1 had an IDOR vulnerability (insecure direct object reference: an attacker reaches a resource simply by knowing or guessing its identifier) in the `/api/v1/responses` endpoint. Any authenticated user could execute another user's workflow by supplying that user's flow ID, potentially exposing sensitive data and consuming server resources on the victim's behalf. The root cause was that the endpoint looked the flow up by its identifier alone, without verifying that the requesting user owned it.","solution":"Update to Langflow 1.9.1 or later. The fix, released on 2026-04-22 in PR #12832, adds ownership verification: when a flow is looked up by ID, the server checks that the requesting user owns it and otherwise returns 404, the same response as for a nonexistent flow, so the reply neither grants access nor confirms that the flow exists. The check applies to both UUID-based lookups and endpoint-name lookups, and additional protective layers cover related endpoints such as the `/api/v1/run*` routes.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-qrpv-q767-xqq2","publishedAt":"2026-06-19T21:16:46.000Z","cveId":"CVE-2026-55255","cweIds":null,"cvssScore":null,"cvssSeverity":"critical","severity":"critical","attackType":["other"],"issueType":"vulnerability","affectedPackages":["langflow@< 1.9.1 (fixed: 1.9.1)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["Langflow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-06-19T21:16:46.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}
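Added example (not part of the advisory record and not Langflow's own code): the pattern the summary and solution describe, in Python, with an unscoped flow lookup that produces exactly this class of IDOR beside a caller-scoped lookup that handles both UUID and endpoint-name requests and answers 404 for a foreign flow just as it does for a missing one. All names here (`Flow`, `FlowStore`, `handle_run`, the sample users and flows) are hypothetical and the data is constructed.

```python
"""
Added illustration of the IDOR class in this advisory, not Langflow code.
Every name below is hypothetical; the sample users and flows are constructed.
"""
from dataclasses import dataclass
from typing import Optional
from uuid import UUID, uuid4


class NotFound(Exception):
    """Raised where an HTTP layer would answer 404."""


@dataclass(frozen=True)
class Flow:
    id: UUID
    user_id: UUID                 # owner of the flow
    endpoint_name: Optional[str]  # optional human-readable alias
    name: str


def _parse_uuid(value: str) -> Optional[UUID]:
    try:
        return UUID(value)
    except ValueError:
        return None


class FlowStore:
    """In-memory stand-in for a flows table (hypothetical)."""

    def __init__(self, flows):
        self._flows = list(flows)

    def _matches(self, flow: Flow, id_or_name: str) -> bool:
        # A request may carry the flow's UUID or its endpoint name; one
        # matching rule serves both kinds of lookup.
        flow_id = _parse_uuid(id_or_name)
        if flow_id is not None:
            return flow.id == flow_id
        return flow.endpoint_name == id_or_name

    def get_flow_unscoped(self, id_or_name: str) -> Flow:
        """VULNERABLE: keyed on the identifier alone, so any authenticated
        caller who knows or guesses an ID reaches someone else's flow."""
        for flow in self._flows:
            if self._matches(flow, id_or_name):
                return flow
        raise NotFound()

    def get_flow_for_user(self, user_id: UUID, id_or_name: str) -> Flow:
        """HARDENED: the owner is part of the lookup key. A flow that exists
        but belongs to someone else is indistinguishable from one that does
        not exist, so the response reveals nothing about other users' flows."""
        for flow in self._flows:
            if self._matches(flow, id_or_name) and flow.user_id == user_id:
                return flow
        raise NotFound()


def handle_run(store: FlowStore, caller: UUID, id_or_name: str):
    """Hardened request handler; returns (status, body) like an HTTP route."""
    try:
        flow = store.get_flow_for_user(caller, id_or_name)
    except NotFound:
        return 404, "Flow not found"
    return 200, f"executed {flow.name}"


# Constructed sample data: two users, one flow each.
ALICE, BOB = uuid4(), uuid4()
ALICE_FLOW = Flow(uuid4(), ALICE, "alice-agent", "Alice's agent")
BOB_FLOW = Flow(uuid4(), BOB, None, "Bob's scratch flow")
STORE = FlowStore([ALICE_FLOW, BOB_FLOW])

if __name__ == "__main__":
    # Before the fix: Bob runs Alice's flow using nothing but its ID.
    print("unscoped:", STORE.get_flow_unscoped(str(ALICE_FLOW.id)).name)
    # After the fix: the same request, scoped to Bob, answers 404 ...
    print("scoped:  ", handle_run(STORE, BOB, str(ALICE_FLOW.id)))
    # ... which is indistinguishable from a flow that never existed.
    print("missing: ", handle_run(STORE, BOB, "00000000-0000-0000-0000-000000000000"))
    # Alice still reaches her own flow by UUID or by endpoint name.
    print("owner:   ", handle_run(STORE, ALICE, "alice-agent"))
```

The design point is that ownership is folded into the query predicate rather than checked after the fetch: a post-fetch check tempts a 403 branch that confirms the flow exists, whereas scoping the lookup itself leaves only one failure path and one status code.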