Platform: python
Component: langflow
Fixed in: 1.7.1
CVE-2025-68477 is a security vulnerability affecting Langflow versions up to 1.7.0. The flaw resides in the API Request component, which allows users to define HTTP requests within a flow. Due to insufficient validation, attackers can exploit this to send requests to internal resources, potentially leading to data exposure and unauthorized access. A fix is available in version 1.7.1.
This vulnerability allows an attacker to craft malicious flows that send arbitrary HTTP requests. Because the flow execution endpoints (/api/v1/run, /api/v1/run/advanced) can be invoked with just an API key, an attacker can potentially reach internal services and data that are not exposed to the public internet, including cloud metadata endpoints (169.254.169.254), the loopback address (127.0.0.1) and the private 10.x, 172.16-31.x and 192.168.x ranges. The impact ranges from information disclosure to complete compromise of internal systems, depending on which resources are reachable via the HTTP requests. The lack of proper validation of the request target significantly expands the attack surface.
CVE-2025-68477 was publicly disclosed on 2025-12-19. The vulnerability is not currently listed on CISA KEV. Public proof-of-concept exploits are not yet widely available, but the ease of exploitation suggests a potential for rapid development and deployment of such exploits. The vulnerability's reliance on API key authentication means that compromised API keys significantly increase the risk of exploitation.
Exploit Status
EPSS: 0.03% (7th percentile)
The primary mitigation is to upgrade Langflow to version 1.7.1 or later, which includes the fix. If an immediate upgrade is not possible, apply temporary workarounds: restrict access to the flow execution endpoints (/api/v1/run, /api/v1/run/advanced) with strong authentication and authorization; add egress filtering, for example a Web Application Firewall (WAF) or outbound proxy, that blocks HTTP requests from Langflow to internal IP addresses and cloud metadata endpoints; and regularly review and audit Langflow flows to identify and remove potentially malicious configurations.
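As a defender-side illustration of the outbound-target check described above, here is an added example of a deny-by-default validator for the URLs an HTTP request component is allowed to call. It is not Langflow's code and not the 1.7.1 fix; the function names, the policy and the sample hostnames are assumptions made for this illustration.

```python
import ipaddress
import socket
from typing import Callable, List, Tuple

# Constructed policy for this example: only plain web schemes may leave the service.
ALLOWED_SCHEMES = {"http", "https"}


def is_non_public_address(addr: str) -> bool:
    """True if addr is anything other than a globally routable unicast address.

    ipaddress.is_global already excludes loopback (127/8, ::1), link-local
    (169.254/16, which covers the 169.254.169.254 metadata endpoint, and fe80::/10),
    RFC 1918 (10/8, 172.16/12, 192.168/16), shared address space (100.64/10),
    unique-local IPv6 (fc00::/7), the unspecified address and reserved blocks.
    """
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 rules apply to it.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not ip.is_global


def resolve_all(host: str) -> List[str]:
    """Resolve every A/AAAA record for host; all of them must pass the policy."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def check_outbound_url(
    url: str, resolver: Callable[[str], List[str]] = resolve_all
) -> Tuple[bool, str]:
    """Return (allowed, reason) for a request target. Deny by default.

    The decision is made on the addresses the host actually resolves to, never on
    the literal text of the URL, so hostnames that point at internal addresses and
    alternative spellings of an address are judged by where the connection would go.
    """
    from urllib.parse import urlsplit

    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"

    try:
        # Literal IP address: judge it directly, no DNS involved.
        addresses = [str(ipaddress.ip_address(host))]
    except ValueError:
        try:
            addresses = resolver(host)
        except socket.gaierror as exc:
            return False, f"cannot resolve {host!r}: {exc}"

    if not addresses:
        return False, f"no addresses for {host!r}"
    for addr in addresses:
        if is_non_public_address(addr):
            return False, f"{host!r} resolves to non-public address {addr}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample targets; the last one uses a public DNS resolver address.
    for target in (
        "http://169.254.169.254/latest/meta-data/",
        "http://127.0.0.1:7860/api/v1/flows",
        "http://[::ffff:10.0.0.1]/",
        "https://8.8.8.8/",
    ):
        print(target, "->", check_outbound_url(target))
```

Two caveats a practitioner should keep in mind when wiring such a check into a request component: the HTTP client must pin the connection to the vetted address (or re-run the check at connect time) so that a DNS answer cannot change between validation and connection, and every redirect target must be validated again before it is followed. The check complements, and does not replace, network-level egress filtering.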
Update Langflow to version 1.7.1 or higher. This corrects the SSRF vulnerability in the API Request component. The update can be performed through the package manager used to install Langflow, such as pip.
CVE-2025-68477 is a HIGH severity vulnerability in Langflow versions ≤1.7.0 that allows attackers to send arbitrary HTTP requests through the API Request component, potentially exposing internal resources.
You are affected if you are using Langflow version 1.7.0 or earlier. Check your installed version and upgrade immediately.
Upgrade Langflow to version 1.7.1 or later to resolve this vulnerability. If immediate upgrade is not possible, implement temporary workarounds like restricting access to flow execution endpoints.
While no active exploitation has been publicly confirmed, the ease of exploitation suggests a potential for rapid development and deployment of exploits.
Refer to the Langflow project's official security advisories and release notes for detailed information and updates regarding CVE-2025-68477.