CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog. This move signals active exploitation and mandates immediate remediation for affected organizations.
The flaw affects Langflow, a popular tool used for building and deploying AI-driven workflows. The issue stems from an origin validation error caused by an overly permissive Cross-Origin Resource Sharing (CORS) configuration.
When combined with a refresh token cookie configured as SameSite=None, the vulnerability allows malicious websites to perform authenticated cross-origin requests.
This weakness enables attackers to:
- Send unauthorized requests from a victim's browser.
- Access sensitive refresh tokens.
- Call backend authentication endpoints.
- Potentially execute arbitrary code.
- Achieve full system compromise.
Langflow Origin Validation Flaw
The vulnerability is categorized under CWE-346 (Origin Validation Error), highlighting improper validation of request origins.
In practical terms, an attacker can trick a user into visiting a malicious webpage. Because of the flawed CORS policy and cookie configuration, the victim’s browser automatically includes authentication credentials in cross-origin requests.
This allows the attacker to silently interact with Langflow’s API, particularly the refresh endpoint, without user awareness.
Once refresh tokens are obtained, attackers can:
- Generate new access tokens.
- Maintain persistent access.
- Interact with authenticated endpoints.
- Escalate privileges within the system.
This type of attack is especially dangerous in environments where Langflow is integrated with AI pipelines, APIs, or cloud-based services.
CISA added CVE-2025-34291 to its KEV catalog on May 21, 2026, confirming that the vulnerability poses a significant threat to federal and enterprise systems.
Federal Civilian Executive Branch (FCEB) agencies are required to remediate the vulnerability by the due date under Binding Operational Directive (BOD) 22-01.
CISA strongly advises organizations to take immediate action:
- Apply vendor-provided patches or updates without delay.
- Review and restrict CORS configurations to trusted origins only.
- Avoid using SameSite=None for sensitive authentication cookies unless necessary.
- Implement additional protections such as CSRF tokens and strict origin validation.
- Monitor logs for suspicious cross-origin requests and token abuse.
- Discontinue use of Langflow if mitigations are not available.
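To make the misconfiguration and the advised mitigations concrete, here is an added example (not Langflow's own code) that models the CORS and cookie combination described above, contrasts the permissive policy with a restricted allowlist, and flags refresh-endpoint calls from unlisted origins in constructed log lines. The origins, the refresh path and the log format are assumptions made for the example.

```python
# Added example: model the "permissive CORS + SameSite=None refresh cookie" pattern
# and the checks a defender can run. Not Langflow code; all values are constructed.
from dataclasses import dataclass


@dataclass
class CorsPolicy:
    allow_origins: list[str]      # allowlist of "scheme://host[:port]", or ["*"]
    allow_credentials: bool


@dataclass
class Cookie:
    same_site: str                # "Strict", "Lax" or "None"
    secure: bool


def origin_allowed(origin: str, policy: CorsPolicy) -> bool:
    """Strict allowlist match: exact string compare, never substring or regex.
    Assumption: '*' is treated as 'any origin', the worst case for a credentialed policy."""
    return "*" in policy.allow_origins or origin in policy.allow_origins


def credentialed_cross_origin_possible(policy: CorsPolicy, cookie: Cookie, origin: str) -> bool:
    """True when a page at `origin` could have the browser attach the cookie to a
    cross-site request and the CORS policy would accept that credentialed request."""
    cookie_sent_cross_site = cookie.same_site.lower() == "none" and cookie.secure
    return cookie_sent_cross_site and policy.allow_credentials and origin_allowed(origin, policy)


# Weak configuration (the pattern in the advisory) beside the restricted one it recommends.
PERMISSIVE = CorsPolicy(allow_origins=["*"], allow_credentials=True)
RESTRICTED = CorsPolicy(allow_origins=["https://langflow.example.internal"], allow_credentials=True)
NONE_COOKIE = Cookie(same_site="None", secure=True)   # sent on cross-site requests
LAX_COOKIE = Cookie(same_site="Lax", secure=True)     # withheld on cross-site POSTs


def flag_cross_origin_refresh(log_lines, policy: CorsPolicy, refresh_path="/api/v1/refresh"):
    """Return log lines where a refresh-endpoint request carries an Origin header that is
    not on the allowlist. Constructed log format: 'METHOD PATH origin=<origin or ->'."""
    hits = []
    for line in log_lines:
        _method, path, origin_field = line.split()
        origin = origin_field.split("=", 1)[1]
        if path == refresh_path and origin != "-" and origin not in policy.allow_origins:
            hits.append(line)
    return hits


SAMPLE_LOG = [                                        # constructed sample lines
    "POST /api/v1/refresh origin=https://langflow.example.internal",
    "POST /api/v1/refresh origin=https://untrusted.example",
    "GET /api/v1/flows origin=-",
]
```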
Organizations using Langflow in production environments, especially those handling sensitive data or AI workflows, should prioritize this vulnerability given its potential to compromise the entire system.
The inclusion of this flaw in the KEV catalog underscores the growing risk of misconfigured web security controls in modern applications.
As AI platforms like Langflow become more widely adopted, attackers are increasingly targeting weaknesses in authentication flows and API security.
Security teams should treat CVE-2025-34291 as a high-priority issue and implement rapid mitigations to prevent unauthorized access and potential breaches.