🔴 CVE-2025-3248

Langflow is an AI workflow platform. Affected versions allow remote code execution through an unauthenticated API endpoint: crafted HTTP requests to /api/v1/validate/code lead to direct compromise of the server.

Risk Level: HIGH_RISK
CVSS Score: 9.8
Attack Vector: NETWORK
ATT&CK Tactic: Initial Access
ATT&CK Technique: T1190 — Exploit Public-Facing Application
Deployment Risk: HIGH
Ransomware: No

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2025-04-07

Added to CISA KEV: 2025-05-05 (28 days between CVE publication and KEV listing)

🎯 Recommendations:

🔍 Web Intelligence (Kagi · 2026-06-04)

CVE-2025-3248 is a critical security vulnerability affecting Langflow that allows for unauthenticated remote code execution (RCE) [2] [7].

Exploitation and Threat Actor Activity
  • Active Exploitation: The vulnerability has been confirmed as actively exploited in the wild [5].
  • Threat Actor Usage: It has been linked to the deployment of the Flodrix botnet [6].
  • PoC Availability: Multiple proof-of-concept (PoC) exploits were made publicly available on GitHub, which contributed to the likelihood of continued exploitation [3].
Attack Method and Requirements
  • Method: The vulnerability is a code injection flaw located in the `/api/v1/validate/code` endpoint [1].
  • Requirements: It is a remote, unauthenticated attack that requires no user interaction [1] [7]. Attackers simply send malicious HTTP requests to the vulnerable endpoint [2].
Impact
  • Access/Impact: Successful exploitation results in full compromise of the affected system, granting the attacker unauthorized access and the ability to execute arbitrary code with the privileges of the Langflow host [2] [7].
Affected Versions and Mitigation
  • Affected Versions: Langflow versions prior to 1.3.0 are susceptible [1].
  • Patch Status: The issue was addressed by adding authentication to the affected endpoint in version 1.3.0 [4].
  • CISA Status: The Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog in May 2025, directing federal agencies to patch or discontinue use of the affected software [1] [5].
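The two actionable facts above are the vulnerable path (`/api/v1/validate/code`, reachable without authentication) and the fixed version (1.3.0). The following is an added example, not code from the page or from the Langflow project: a small Python triage script that checks whether a deployed version is in the affected range and scans web-server access logs for POST requests to the endpoint, separating requests the server accepted (2xx, as an unpatched instance would) from ones it rejected (401/403, the expected result once authentication is enforced). The log lines are constructed sample data in Combined Log Format; the version parser assumes plain dotted numeric versions.

```python
"""Defender-side triage for CVE-2025-3248 (added example, not project code).

Assumptions (not from the page): access logs are in Combined Log Format, and
version strings are plain dotted numerics such as "1.2.0" or "1.3.0".
"""
import re
from collections import Counter
from typing import Dict, List, Optional

VULNERABLE_ENDPOINT = "/api/v1/validate/code"   # from the advisory
FIXED_VERSION = (1, 3, 0)                       # first version with auth on the endpoint

# Combined Log Format: ip ident user [time] "METHOD path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Constructed sample log: two accepted POSTs from external addresses, one
# unrelated GET, one rejected POST (as a patched instance would answer), and
# one malformed line that the parser must skip.
SAMPLE_LOG = """\
203.0.113.5 - - [07/Apr/2025:10:01:12 +0000] "POST /api/v1/validate/code HTTP/1.1" 200 512 "-" "python-requests/2.31"
10.0.0.4 - - [07/Apr/2025:10:02:03 +0000] "GET /api/v1/flows/ HTTP/1.1" 200 1840 "http://langflow.internal/" "Mozilla/5.0"
198.51.100.7 - - [07/Apr/2025:10:05:44 +0000] "POST /api/v1/validate/code?x=1 HTTP/1.1" 200 498 "-" "curl/8.4.0"
203.0.113.5 - - [08/Apr/2025:02:14:09 +0000] "POST /api/v1/validate/code HTTP/1.1" 401 87 "-" "python-requests/2.31"
not a log line
""".splitlines()


def parse_version(version: str) -> tuple:
    """'1.2.0' -> (1, 2, 0); missing components are padded with zeros."""
    nums = [int(n) for n in re.findall(r"\d+", version)[:3]]
    return tuple(nums + [0] * (3 - len(nums)))


def is_affected(version: str) -> bool:
    """True when the deployed Langflow version is prior to 1.3.0."""
    return parse_version(version) < FIXED_VERSION


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Parse one Combined Log Format line; return None for unparseable input."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_endpoint_posts(lines: List[str]) -> List[Dict[str, str]]:
    """Return every POST to the vulnerable endpoint (query string ignored)."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["path"].split("?", 1)[0]
        if rec["method"] == "POST" and path == VULNERABLE_ENDPOINT:
            hits.append({"ip": rec["ip"], "time": rec["time"],
                         "status": rec["status"], "ua": rec["ua"]})
    return hits


def triage(lines: List[str]) -> Dict[str, object]:
    """Split hits into accepted (2xx: endpoint reachable without auth) and
    rejected (401/403: authentication enforced), plus a per-source count."""
    hits = find_endpoint_posts(lines)
    accepted = [h for h in hits if h["status"].startswith("2")]
    rejected = [h for h in hits if h["status"] in ("401", "403")]
    return {
        "accepted": accepted,
        "rejected": rejected,
        "sources": Counter(h["ip"] for h in hits),
    }


if __name__ == "__main__":
    print("version 1.2.0 affected:", is_affected("1.2.0"))
    report = triage(SAMPLE_LOG)
    for h in report["accepted"]:
        print("ACCEPTED unauthenticated POST:", h["ip"], h["time"], h["ua"])
    for h in report["rejected"]:
        print("rejected (auth enforced):", h["ip"], h["time"])
    print("requests per source:", dict(report["sources"]))
```

Any 2xx hit on an instance that should require authentication is the signal worth escalating: it means the endpoint accepted code for validation from a caller that never authenticated, which is exactly the pre-1.3.0 condition. Once the instance is on 1.3.0 or later, the same requests should show up only in the rejected list.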

Sources

  1. NVD - CVE-2025-3248

    Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send ... Reference Type. CISA-ADP: https://www.cisa.gov/known-exploited-vuln…

  2. CVE-2025-3248 Description, Impact and Technical Details

    CVE-2025-3248 is a new code injection vulnerability affecting Langflow versions before 1.3.0. This issue permits an unauthenticated attacker to send malicious HTTP requests to the /api/v1/validate/code endpoint, leading to the execution of arbitrary code. The vulnerability poses a serious risk, as i…

  3. Langflow: CVE-2025-3248: Active Exploitation

    Learn about CVE-2025-3248 affecting Langflow. Patch now to prevent remote code execution. Table 1: Example malicious IP addresses attempting to exploit CVE-2025-3248 (Source: Greynoise). Multiple proof-of-co…

  4. NVD - CVE-2026-33017

    CVE-2026-33017 Detail. Description.This is distinct from CVE-2025-3248, which fixed /api/v1/validate/code by adding authentication. The build_public_tmp endpoint is designed to be unauthenticated (for public flows) but incorrectly accepts attacker-supplied flow data containing arbitrary executable c…

  5. Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch

    CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints. ... CISA has added CVE-2025-3248 to its Known Exploited Vulnerabilities Catalog. Federal agencies have been directed to: Patch to Langfl…

  6. Critical Langflow Vulnerability (CVE-2025-3248) Actively ...

    This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet.

  7. CVE-2025-3248: Critical Langflow Unauthenticated Remote Code Execution ...

    Impact of CVE-2025-3248 on Langflow Systems Successful exploitation of CVE-2025-3248 results in immediate and full compromise of the affected system. Because the vulnerability allows unauthenticated remote code execution, attackers gain direct control over the Langflow host with minimal effort.