AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

GHSA-ph9w-r52h-28p7: langflow: /profile_pictures/{folder_name}/{file_name} endpoint file reading

highvulnerability

security

Source: GitHub Advisory DatabaseMarch 20, 2026CVE-2026-33497

Summary

Langflow's /profile_pictures/{folder_name}/{file_name} endpoint has a path traversal vulnerability (a flaw where attackers use ../ sequences to access files outside the intended directory). The folder_name and file_name parameters aren't properly validated, allowing attackers to read the secret_key file across directories. Since the secret_key is used for JWT authentication (a token system that verifies who you are), an attacker can forge login tokens and gain unauthorized access to the system.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Patch Available

Yes

Disclosure Date

March 20, 2026

Classification

Attack Type

Data Extraction

Attack SophisticationTrivial

Impact (CIA+S)

confidentialityintegrity

Affected Vendors

LangChain

Affected Packages

langflow@< 1.7.1 (fixed: 1.7.1)

Related Issues

critical

CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-

Same vendorNVD/CVE Database

critical

CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive

First tracked: March 20, 2026 at 08:00 PM

Classified by LLM (prompt v3) · confidence: 95%