CVE-2025-34291

UNKNOWN

Description

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. An attacker-controlled origin can therefore obtain fresh access_token / refresh_token pairs for a victim session. Obtained tokens permit access to authenticated endpoints — including built-in code-execution functionality — allowing the attacker to execute arbitrary code and achieve full system compromise.

References

https://github.com/langflow-ai/langflow

https://www.obsidiansecurity.com/blog/cve-2025-342...

https://www.vulncheck.com/advisories/langflow-cors...

Weakness Types

CWE-346

CVE Information

CVE ID:: CVE-2025-34291
Published:: 2025-12-05
Modified:: 2025-12-05
Severity:: UNKNOWN

Quick Actions

View on NVD

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL