CVE Catalog

CVE-2026-55423

MediumCVSS 6.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

5th percentile — higher than 5% of all known CVEs

Summary

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, the logout button does not clear the session, allowing the previous user to remain logged in unless another user explicitly logs in.

Risk Assessment

Organizations may be exposed to unauthorized access to user data as sessions are not properly terminated upon logout.

Recommendation

It is recommended to upgrade to version 1.7.0 or later to mitigate this vulnerability.

Original NVD description (English source)

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.7.0, the logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. This vulnerability is fixed in 1.7.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS