www.cisa.gov 7/7/2026, 10:31:23 PM · external

CISA adds critical Langflow auth bypass flaw to KEV list

Developing story vulnerability 4 articles tracked
Multiple critical vulnerabilities discovered in Langflow AI platform
CyberSIXT Evidence Panel
Primary Source github.com
CISA KEV Listed in KEV
Patch Patch Available

THE Known Exploited Vulnerabilities (KEV) Catalog, maintained by CISA, serves as a critical resource for organizations to manage vulnerabilities that have been exploited in real-world attacks. It aids cybersecurity professionals in prioritizing their vulnerability management initiatives. The catalog is accessible in various formats including CSV and JSON, and encourages users to nominate any additional vulnerabilities not currently listed.

Specifically, the page highlights CVE-2026-55255, which involves an authorization bypass vulnerability in Langflow allowing authenticated attackers to exploit user flows. CISA advises organizations to follow mitigation guidelines and adhere to BOD 26-04 for security updates.

View Primary Source Via www.cisa.gov

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline