{"data":{"id":"cb124a58-2e09-4e88-a926-05a57aa42c41","title":"GHSA-rcjh-r59h-gq37: Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read","summary":"Langflow's Shareable Playground feature allows unauthenticated users to execute public workflows through a special endpoint. This endpoint accepts a list of files that can be read from either the local system or S3 storage (cloud file storage), potentially exposing sensitive files if the workflow is configured to read them. An attacker could craft a request specifying arbitrary file paths to extract data without authentication.","solution":"N/A -- no mitigation discussed in source. The affected-package data for this advisory lists langflow 1.10.0 as the fixed version, so upgrading to 1.10.0 or later is the available remediation.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-rcjh-r59h-gq37","publishedAt":"2026-06-16T17:36:00.000Z","cveId":"CVE-2026-48520","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["data_extraction"],"issueType":"vulnerability","affectedPackages":["langflow@< 1.10.0 (fixed: 1.10.0)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["Langflow","LangChain"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-06-16T17:36:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}