{"data":{"id":"a3dce035-d72f-4a79-83b7-53750dff26c4","title":"GHSA-79ph-745m-6wxq: Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint","summary":"Langflow has a path traversal vulnerability (a security flaw where an attacker can access files outside intended directories) in its Knowledge Bases API that allows authenticated attackers to create files and directories anywhere on the server by supplying malicious names like '../victim_user/evil_kb' or '/tmp/pwned' to the creation endpoint, potentially compromising data across users and corrupting knowledge bases.","solution":"The issue was fixed in PR #12337 by introducing a `_validate_kb_path_containment()` helper function that uses `Path.is_relative_to()` (instead of `startswith()`) to enforce strict path boundaries and prevent traversal attacks. This validation is applied before any filesystem operations, and regression tests were added to verify that traversal payloads return a 403 Forbidden response.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-79ph-745m-6wxq","publishedAt":"2026-06-16T17:35:09.000Z","cveId":"CVE-2026-42867","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["langflow@<= 1.8.4 (fixed: 1.9.0)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["Langflow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-06-16T17:35:09.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"rag","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":["AML.T0010"]}}