Platform
python
Component
langflow
Fixed in
1.5.1
CVE-2025-57760 is a privilege escalation vulnerability in Langflow. An authenticated user who already has code execution (RCE) inside the Langflow container can run the `langflow superuser` CLI command to create a new administrative account, bypassing the application's access controls. Langflow versions up to and including 1.5.0.post2 are affected; the fix ships in version 1.5.1.
The impact is significant. An attacker who gains RCE inside a Langflow container can escalate to full administrative control: modify configurations, read sensitive data and flows, and use that foothold against the surrounding infrastructure. Creating a superuser circumvents Langflow's intended security model entirely, so the step from "code execution as a low-privileged user" to "unrestricted administrative access" requires only one command. This matters most where Langflow manages critical workflows or sensitive data, since a successful exploit can lead to data breaches, service disruption and unauthorized access.
The vulnerability was reported by Check Point researchers through a responsible disclosure process and published on 2025-08-25. No public proof-of-concept exploit is known at the time of writing, but because exploitation is trivial once RCE is available, rapid weaponisation is likely if a PoC appears. The CVE is not listed on CISA KEV, but its HIGH severity warrants close monitoring.
Organizations deploying Langflow in production environments, particularly those utilizing Docker containers, are at risk. Shared hosting environments where multiple users share a single Langflow instance are especially vulnerable, as a compromised user could potentially escalate privileges and impact other users. Legacy configurations with weak access controls or inadequate container security measures also increase the risk.
Detection (python / container):
• `ps aux | grep 'langflow superuser'` (only catches an invocation that is running at that moment)
• `journalctl -u langflow -g 'superuser'` (searches the service journal, if Langflow runs as a systemd unit)
• `find / -type d -name langflow -exec grep -ri 'superuser' {} +` (recursively searches Langflow's installation and data directories; the recursive flag is required because grep is handed directories)
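The one-liners above only work on a live process table or a systemd journal. The following added example (not part of the original page or of the Langflow project) shows the same check as a small Python scanner that can be pointed at exported container logs, shell history or auditd output: it reassembles `EXECVE` argv records, matches a `langflow superuser` invocation and pulls out the account name that was created. The log lines are constructed for the example; the `--username`/`--password` flags mirror the Langflow CLI options, and the auditd field layout is assumed.

```python
import re
import sys

# Constructed sample log lines (not captured from a real system): shell-history style,
# container stdout and an auditd EXECVE record. Only lines 2 and 4 are real invocations
# of the vulnerable CLI command; lines 3 and 5 contain the word "superuser" as noise.
SAMPLE_LOG_LINES = [
    "2025-08-25T10:02:11Z app[1] langflow run --host 0.0.0.0 --port 7860",
    "2025-08-25T10:14:03Z sh[77] langflow superuser --username attacker --password Hunter2!",
    "2025-08-25T10:14:05Z app[1] INFO superuser_flag cached for user admin",
    '2025-08-25T10:20:40Z audit: EXECVE a0="python" a1="-m" a2="langflow" a3="superuser" a4="--username=backdoor"',
    "2025-08-25T10:31:12Z app[1] started langflow_superuser_helper (internal)",
]

# auditd EXECVE records carry argv as a0="..." a1="..."; rebuild them into one command line
EXECVE_ARG = re.compile(r'\ba\d+="([^"]*)"')
# the CLI invocation itself; \b stops "mylangflow" and \s+ stops "langflow_superuser_helper"
SUPERUSER_CMD = re.compile(r"\blangflow\s+superuser\b(?P<args>[^\n]*)")
# --username NAME or --username=NAME (assumed flag name, matching the Langflow CLI option)
USERNAME_OPT = re.compile(r"--username(?:[=\s]+)(?P<name>[^\s\"']+)")


def normalize(line):
    """Turn an auditd EXECVE record back into a plain command line; pass other lines through."""
    args = EXECVE_ARG.findall(line)
    return " ".join(args) if args else line


def find_superuser_invocations(lines):
    """Return one record per line that invokes `langflow superuser`."""
    hits = []
    for line_no, raw in enumerate(lines, start=1):
        match = SUPERUSER_CMD.search(normalize(raw))
        if not match:
            continue
        user = USERNAME_OPT.search(match.group("args"))
        hits.append({
            "line_no": line_no,
            "username": user.group("name") if user else None,
            "command": match.group(0).strip(),
        })
    return hits


if __name__ == "__main__":
    # usage: python scan.py < exported.log   (falls back to the constructed sample)
    source = sys.stdin.read().splitlines() if not sys.stdin.isatty() else SAMPLE_LOG_LINES
    for hit in find_superuser_invocations(source):
        print(f"line {hit['line_no']}: superuser created for {hit['username']!r}: {hit['command']}")
```

Any hit from a source other than your own provisioning run is an incident: treat the named account as attacker-controlled, disable it, and look for the RCE that preceded it.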
Exploit status
EPSS
0.01% (3rd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-57760 is to upgrade Langflow to version 1.5.1 or later, which contains the fix. If an immediate upgrade is not feasible, reduce the chance that anyone reaches the prerequisite (code execution inside the container): restrict network access to the container, enforce strong authentication, and audit user permissions regularly. Monitoring container logs for the execution of the `langflow superuser` command helps detect and respond to an attempt. After upgrading, re-run the check described in this advisory: invoking `langflow superuser` from a non-admin context should no longer yield a working administrative account.
Upgrade Langflow to the patched release, 1.5.1. Until the upgrade is applied, the immediate mitigation is to keep untrusted users away from any path that gives code execution inside the container and to monitor use of the `langflow superuser` CLI. Watch the Langflow security advisories for further updates.
CVE-2025-57760 is a HIGH severity vulnerability in Langflow versions ≤1.5.0.post2 allowing authenticated users with RCE to create a superuser, gaining full admin access.
If you are using Langflow version 1.5.0.post2 or earlier, you are potentially affected by this vulnerability. Check your version and upgrade immediately.
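"Check your version" is easy to get wrong for this CVE because the last affected release is a post-release (1.5.0.post2), which naive string comparison mishandles. The following added example (not part of the original page or of Langflow) is a standard-library-only checker: it parses PEP 440-style version strings, decides whether a version falls in the affected range, reads the installed Langflow version if present, and scans a requirements.txt body for affected pins. The requirements text is constructed; treating a pre-release of 1.5.1 as still affected is a conservative assumption, not something the advisory states.

```python
import re
from importlib import metadata

FIXED_RELEASE = (1, 5, 1)  # per the advisory: fixed in 1.5.1

# PEP 440 subset: release segment, optional pre (a/b/rc), optional .postN, optional .devN
_VERSION_RE = re.compile(
    r"^v?(?P<release>\d+(?:\.\d+)*)"
    r"(?P<pre>(?:a|b|rc)\d+)?"
    r"(?:\.post(?P<post>\d+))?"
    r"(?:\.dev\d+)?$"
)
# a pinned langflow line in requirements.txt; stops before markers (;) and comments (#)
_PIN_RE = re.compile(r"^\s*langflow\s*==\s*([^\s;#]+)", re.IGNORECASE)


def parse_version(text):
    """Return (release_tuple, is_prerelease, post_number) for a version string."""
    m = _VERSION_RE.match(text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    release = tuple(int(part) for part in m.group("release").split("."))
    release = release + (0,) * max(0, 3 - len(release))  # "1.5" compares like "1.5.0"
    return release, m.group("pre") is not None, int(m.group("post") or 0)


def is_affected(version_text):
    """True if this Langflow version is within the range affected by CVE-2025-57760."""
    release, is_pre, _post = parse_version(version_text)
    if release < FIXED_RELEASE:
        # 1.5.0.post2 lands here: a post-release of 1.5.0 is still release 1.5.0
        return True
    if release == FIXED_RELEASE and is_pre:
        # assumption: a pre-release of 1.5.1 may predate the fix, so flag it too
        return True
    return False


def installed_langflow_version():
    """Installed langflow version from package metadata, or None if not installed."""
    try:
        return metadata.version("langflow")
    except metadata.PackageNotFoundError:
        return None


def affected_pins(requirements_text):
    """Pinned langflow versions in a requirements.txt body that are affected."""
    found = []
    for line in requirements_text.splitlines():
        m = _PIN_RE.match(line)
        if m and is_affected(m.group(1)):
            found.append(m.group(1))
    return found


def check_installed():
    version = installed_langflow_version()
    if version is None:
        return "langflow is not installed in this environment"
    verdict = "AFFECTED, upgrade to 1.5.1 or later" if is_affected(version) else "not affected"
    return f"langflow {version}: {verdict}"


# Constructed requirements.txt content for the example (not a real project file)
SAMPLE_REQUIREMENTS = """\
fastapi==0.110.0
langflow==1.5.0.post2   # pinned before the advisory
uvicorn>=0.29
"""

if __name__ == "__main__":
    print(check_installed())
    print("affected pins in sample requirements:", affected_pins(SAMPLE_REQUIREMENTS))
```

Run it inside the container image you actually deploy, not on a developer machine, since the installed metadata is what matters; the requirements scan is for catching pins before they are built.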
Upgrade Langflow to version 1.5.1 or later to remediate the vulnerability. If immediate upgrade isn't possible, implement stricter container access controls.
While no public exploits are currently available, the ease of exploitation suggests a potential for rapid exploitation if a PoC is released. Monitor your systems closely.
Refer to the Langflow security advisory for detailed information and updates regarding CVE-2025-57760.