CVE advisoryKnown Exploit
CVE-2025-3248
Langflow Code Injection Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A code injection vulnerability in Langflow allows unauthenticated attackers to execute arbitrary code. This could lead to unauthorized system access and control, presenting a notable business risk. Organizations should identify affected assets and take action to mitigate exposure.