AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-6599: A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/ins

mediumvulnerability

security

Source: NVD/CVE DatabaseApril 20, 2026CVE-2026-6599

Summary

A vulnerability exists in Langflow (an AI application framework) versions up to 1.8.3 in the Model Context Protocol Configuration API, where attackers can manipulate the X-Forwarded-For header (a field that identifies the client's IP address) to perform injection attacks (inserting malicious code into the system). This vulnerability can be exploited remotely, the exploit code is publicly available, and the vendor has not responded to disclosure attempts.

Vulnerability Details

CVSS Score

6.3(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

network

Attack Complexity

low

Privileges Required

low

User Interaction

none

Disclosure Date

April 20, 2026

Classification

Attack Type

Other

Attack SophisticationTrivial

Impact (CIA+S)

integrity

AI Component TargetedAPI

Taxonomy References

CWE (Weakness Type)

CWE-74 CWE-707

Affected Vendors

LangChain

Related Issues

medium

CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e

Same vendorNVD/CVE Database

critical

CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-

Same vendor

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-6599

First tracked: April 20, 2026 at 08:18 AM

Classified by LLM (prompt v3) · confidence: 85%