US Reports Active Exploitation of Critical Security Flaw in AI Software Langflow
By Netvora Tech News
The US has reported that attackers are actively exploiting a critical security vulnerability in Langflow, an open-source software for developing and deploying AI-powered agents. Langflow is a Python-based web application that provides a visual interface for creating AI agents. A code injection vulnerability in the software allows an unauthenticated attacker to execute arbitrary code on the system remotely. All it takes is for an attacker to send a specially prepared HTTP request to a vulnerable system to trigger the attack. The security flaw, identified as CVE-2025-3248, was reported by security firm Horizon3.ai in late February. Langflow released version 1.3.0 on March 31, which addressed the issue, but the release notes failed to mention the vulnerability. The impact of the security flaw has been rated 9.8 out of 10, according to a scale used by security experts. A month ago, Horizon3.ai published details about the issue. Following an investigation, security firm Censys found that there are 460 Langflow installations accessible from the internet that are vulnerable to the flaw. The US Cybersecurity and Infrastructure Security Agency (CISA) has now confirmed that attackers are actively exploiting CVE-2025-3248. While details about the attacks are not publicly available, US government agencies have been instructed to install the Langflow update by May 26.
Implications and Recommendations
- The Langflow update should be installed as soon as possible to prevent exploitation of the vulnerability.
- Audit existing Langflow installations to identify and patch any vulnerabilities.
- Regularly monitor systems for signs of exploitation or suspicious activity.
Comments (0)
Leave a comment