CISA Known Exploited Vulnerability (KEV): Added to the CISA KEV Catalog on July 7, 2026. Action due July 10, 2026 (Friday). BOD 26-04 applies.
CVE: CVE-2026-55255 | CVSS 3.1: 8.4 (High) | Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L | CWE: CWE-639 (Authorization Bypass Through User-Controlled Key) | Vendor: Langflow | Product: Langflow (AI agent/bot building platform) | Affected versions: Prior to 1.9.1
What Is the Vulnerability
CVE-2026-55255 is an Insecure Direct Object Reference (IDOR) vulnerability in Langflow, a popular open-source tool for building and deploying AI-powered agents and workflows. Prior to version 1.9.1, an IDOR vulnerability in the /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim’s flow ID in the request. This means a malicious user on a multi-tenant Langflow instance can execute AI workflows created by other users, potentially accessing sensitive data processed by those workflows or triggering actions those workflows were designed to perform.
Versions Affected
- Langflow — all versions prior to 1.9.1
Exploited?
Yes — actively exploited. CISA added this vulnerability to the KEV catalog on July 7, 2026, citing evidence of active exploitation.
Fix
Langflow has released version 1.9.1 addressing the IDOR vulnerability.
- Primary fix: Update Langflow to version 1.9.1 or later.
- Workaround: Restrict network access to Langflow instances to trusted users only. Implement additional access controls around the /api/v1/responses endpoint.
Recommendations
- Patch by Friday July 10: CISA KEV deadline applies.
- Audit workflow executions: Review Langflow logs for unauthorized flow execution attempts.
- Multi-tenant instances: If running Langflow in a multi-tenant configuration, update immediately to prevent cross-user flow access.
References
- The Hacker News: CISA adds 4 KEVs
- CISA Known Exploited Vulnerabilities Catalog
- Langflow Security Advisory (v1.9.1)
Part of the Vulnerability Intelligence series on threat-modeling.com. July 8, 2026 Report.
