CNNVD-202508-2934 Information

CNNVD ID

CNNVD-202508-2934

Related CVE

CVE-2025-57760

• CNNVD Published: 2025-08-25

Description (Chinese)

Langflow是Langflow开源的一个用于构建多代理和 RAG 应用程序的可视化框架。 Langflow存在安全漏洞，该漏洞源于容器内权限管理不当，可能导致权限提升。

Description (English)

Langflow is a visual framework for building multi-agent and RAG applications from Langflow Open Source. There is a security loophole in Langflow, which stems from the mismanagement of the privileges inside the container, which may lead to an increase in the privileges.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Langflow

Published

2025-08-25

Last Modified

2026-02-24

References

https://github.com/langflow-ai/langflow/security/advisories/GHSA-4gv9-mp8m-592r https://github.com/langflow-ai/langflow/commit/c188ec113c9ca46154ad01d0eded1754cc6bef97 http://github.com/langflow-ai/langflow/pull/9152 https://nvd.nist.gov/vuln/detail/CVE-2025-57760

Patch

https://github.com/langflow-ai/langflow/releases