CVE-2026-55255: Langflow’s /api/v1/responses endpoint contains an IDOR that lets any authenticated user execute another user’s flow by supplying the victim’s flow UUID.
CVE-2026-55255 is verified against langflow (pip) · pip affected versions: < 1.9.1 fixed version: >=1.9.1 This critical reproduction includes runnable sandbox proof, artifacts, and a plain-text agent view under REPRO-2026-00268.
pruva-verify REPRO-2026-00268 curl -O https://pruva.dev/api/v1/reproductions/REPRO-2026-00268/artifacts/bundle/repro/reproduction_steps.sh && chmod +x reproduction_steps.sh && ./reproduction_steps.sh An Insecure Direct Object Reference (IDOR) in Langflow’s /api/v1/responses endpoint allows an authenticated attacker to execute flows belonging to other users by providing the victim’s flow UUID as the model value. The vulnerable helper (get_flow_by_id_or_endpoint_name) queries by UUID without checking ownership.
Variant analysis
The agent's step-by-step process — every tool call, every handoff, the moment the exploit fired. Phases: support triages the advisory · repro reproduces it · vuln_variant confirms the fix blocks it · judge verifies.
Loading session...
Scripts, logs, diffs, and output captured during the reproduction.