GHSA-9c59-2mvc-vfr8: Langflow: IDOR/BOLA in Monitor API — Missing Ownership Enforcement on 7 Endpoints
Summary
Langflow's monitor API exposes 7 endpoints that lack ownership checks, so any authenticated user can read, modify, or delete another user's data (messages, sessions, and LLM logs) through IDOR/BOLA (insecure direct object reference / broken object-level authorization: the server resolves a resource by its ID alone, so a caller who knows or guesses an ID can reach objects they do not own). The source code shows that the correct ownership-checking pattern exists in one endpoint but was not applied consistently across the other vulnerable endpoints.
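The summary's point is that one endpoint filtered on both the object ID and the calling user while the others filtered on the ID alone. The sketch below is an added example, not Langflow's code: an in-memory dict stands in for the database query, the `owner_id` field and the `Message` shape are hypothetical, and the route helpers return `(status, body)` tuples in place of a framework response so it runs offline.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

NOT_FOUND = (404, {"detail": "Message not found"})


@dataclass(frozen=True)
class Message:
    id: int
    owner_id: int  # hypothetical column; the real schema may name it differently
    text: str


# Constructed sample store: two users (100 and 200), each owning one message.
MESSAGES: Dict[int, Message] = {
    1: Message(id=1, owner_id=100, text="alice's note"),
    2: Message(id=2, owner_id=200, text="bob's note"),
}


def fetch_message_insecure(store: Dict[int, Message], message_id: int) -> Optional[Message]:
    """IDOR/BOLA pattern: the lookup keys on the object id alone, so the
    identity of the authenticated caller never influences what is returned."""
    return store.get(message_id)


def fetch_message(store: Dict[int, Message], message_id: int,
                  current_user_id: int) -> Optional[Message]:
    """Ownership-enforcing lookup: the query is scoped to the caller, the
    equivalent of adding `WHERE owner_id = :current_user` to every query."""
    msg = store.get(message_id)
    if msg is None or msg.owner_id != current_user_id:
        return None
    return msg


def read_message_route(store: Dict[int, Message], message_id: int,
                       current_user_id: int) -> Tuple[int, dict]:
    """Read endpoint. A record owned by someone else is answered exactly like a
    missing one (404, not 403), so the response does not confirm the id exists."""
    msg = fetch_message(store, message_id, current_user_id)
    if msg is None:
        return NOT_FOUND
    return 200, {"id": msg.id, "text": msg.text}


def delete_message_route(store: Dict[int, Message], message_id: int,
                         current_user_id: int) -> Tuple[int, dict]:
    """Mutating endpoint: resolve through the owned lookup first, then act on the
    returned object, never on the raw id taken from the request."""
    msg = fetch_message(store, message_id, current_user_id)
    if msg is None:
        return NOT_FOUND
    del store[msg.id]
    return 204, {}
```

The defensive rule that generalises from the one correct endpoint is that every handler, read or write, goes through the owner-scoped lookup rather than a bare `get(id)`.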
Vulnerability Details
EPSS: 0.0%
June 16, 2026
Related Issues
CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
Original source: https://github.com/advisories/GHSA-9c59-2mvc-vfr8
First tracked: June 16, 2026 at 02:00 PM