CVE-2025-57760

high-risk

Published 2025-08-25

Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with RCE access can invoke the internal CLI command langflow superuser to create a new administrative user. This results in full superuser access, even if the user initially registered through the UI as a regular (non-admin) account. A patched version has not been made public at this time.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (20)

Langflow

Affected Vendors

Langflow

References (3)

Patch http://github.com/langflow-ai/langflow/pull/9152

Patch https://github.com/langflow-ai/langflow/commit/c188ec113c9ca46154ad01d0eded1754c...

Third Party Advisory https://github.com/langflow-ai/langflow/security/advisories/GHSA-4gv9-mp8m-592r

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 0/34 · Minimal

Exposure 23/34 · High