Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

CISA: New Langflow flaw actively exploited to hijack AI workflows

Langflow Got Hacked Twice Through the Same exec() Call - CVE-2026-33017 (CVSS 9.3) exploited in 20 hours with no public PoC

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Attackers Now Need Just 29 Minutes to Own a Network