TP-EXP-2025-0006 CVE-2025-34291 high Patched AI Draft

Langflow Origin Validation Error Vulnerability (CVE-2025-34291)

CVE CVE-2025-34291 Platform Langflow Type Origin Validation Error

Severity HIGH

Status Patched

Zero-Day No

Disclosed May 21, 2026

CISA KEV Listed

Severity Assessment

Exploitability: 8/10 — NVD lists CVSS v3.1 8.8 (HIGH) and CVSS v4.0 9.4 (CRITICAL); CISA KEV inclusion indicates real-world exploitation activity.
Impact: 8/10 — The vulnerability affects trust boundaries in request-origin validation, with potential compromise impact on exposed Langflow deployments.
Weaponization Risk: 8/10 — KEV status demonstrates operational attacker interest and practical exploitability.
Patch Urgency: 10/10 — CISA KEV requires federal remediation and Langflow released a patched version.
Detection Coverage: 4/10 — Detection depends on application and network telemetry; signature-based detection is limited for logic flaws.

Summary

CVE-2025-34291 is an origin validation error vulnerability (CWE-346) in Langflow. NVD lists both CVSS v3.1 8.8 (HIGH) and CVSS v4.0 9.4 (CRITICAL), and CISA has added the vulnerability to the Known Exploited Vulnerabilities (KEV) catalog.

Based on the cited vendor and government sources, the issue was addressed by Langflow in release v1.9.3 (published 2026-05-15), and CISA KEV tracking indicates exploitation has been observed in the wild. Public details in the listed sources support classifying this as a high-priority, known-exploited vulnerability requiring prompt patching and exposure reduction.

Exploit Chain

Stage 1: Exposure of Public-Facing Langflow Service

An attacker identifies an internet-accessible Langflow deployment that is running a vulnerable version prior to the vendor fix.

Stage 2: Origin Validation Weakness Abuse

The attacker sends crafted requests that abuse the origin validation flaw described in CVE-2025-34291.

Stage 3: Post-Exploitation Access

Successful exploitation provides unauthorized access conditions consistent with CISA KEV designation. Exact post-exploitation behavior varies by deployment configuration.

Detection Guidance

Inventory externally reachable Langflow instances and verify current version status.
Prioritize upgrades to patched builds at or beyond v1.9.3.
Review reverse-proxy and application logs for anomalous request origins and unusual access patterns.
Restrict administrative interfaces and sensitive workflows behind network controls.
Correlate suspicious Langflow activity with broader host and identity telemetry.

Indicators of Compromise

The referenced sources do not publish a stable IOC set (for example, fixed malicious IP infrastructure or file hashes) for CVE-2025-34291.

Operational indicators can include:

Unexplained requests to public Langflow endpoints from anomalous origins.
Unexpected administrative or workflow activity after abnormal request patterns.
Unauthorized changes that correlate with the vulnerable service exposure window.

Disclosure Timeline

2026-05-15 — Vendor fix available

Langflow publishes release v1.9.3 and tracks the vulnerability discussion in repository issue history.

2026-05-21 — KEV inclusion

CISA adds CVE-2025-34291 to the Known Exploited Vulnerabilities catalog.

Sources & References

CISA: Known Exploited Vulnerabilities Catalog — CISA, 2026-05-21
National Vulnerability Database: CVE-2025-34291 — National Vulnerability Database, 2025-12-05
Langflow: Release v1.9.3 — Langflow, 2026-05-15
Langflow: Issue #11465 — Langflow, 2026-01-27