CVE-2026-33873: Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.9.0, the Agentic Assis
Summary
Langflow, a tool for building AI-powered agents and workflows, had a vulnerability in versions before 1.9.0 where the Agentic Assistant feature would execute Python code generated by an LLM (large language model) on the server. An attacker who could access this feature and control what the model outputs could run arbitrary code (malicious commands) on the server itself.
Solution / Mitigation
Update to version 1.9.0, which fixes the issue.
Vulnerability Details
EPSS: 0.0%
March 27, 2026
Classification
Affected Vendors
Related Issues
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-33873
First tracked: March 28, 2026 at 02:07 AM
Classified by LLM (prompt v3) · confidence: 95%