Langflow /api/v1/responses IDOR — cross-user flow execution
An authenticated IDOR in Langflow's /api/v1/responses endpoint lets a logged-in attacker execute any other user's flow by passing the victim's flow UUID. NVD scores it 8.4 high; the vendor GHSA calls it 9.9 critical. Fixed in Langflow 1.9.1. Added to CISA KEV on 2026-07-07.
- Vendor
- Langflow
- Product
- Langflow (versions before 1.9.1)
- CVSS
- 8.4
- EPSS (exploit probability)
- 0.2%
- Status
- kev
- Published
CVE-2026-55255 is an insecure direct object reference (IDOR) in Langflow’s /api/v1/responses endpoint. Per the vendor’s GHSA-qrpv-q767-xqq2, the get_flow_by_id_or_endpoint_name helper validated ownership on endpoint-name lookups but not on UUID lookups — so an authenticated user could execute any other user’s flow by specifying the victim’s flow UUID in the request. Fixed in Langflow 1.9.1 (PR #12832), which enforces ownership validation on both lookup branches and returns 404 for cross-user access rather than leaking flow existence via error codes.
Severity note
NVD scores CVE-2026-55255 at 8.4 (high). Langflow’s own advisory calls it 9.9 (critical). This site defers to NVD for the severity badge and flags the vendor’s framing in prose — same policy applied on BeyondTrust’s four-CVE RS/PRA bundle three days ago. The gap between the two scores turns on assumed impact scope; a shared-team Langflow deployment where workflow-editor accounts are handed out liberally sits closer to the vendor’s score than NVD’s.
Advisory context
CISA added CVE-2026-55255 to the Known Exploited Vulnerabilities catalog on 2026-07-07 alongside two Joomla page-builder RCEs — CVE-2026-56290 (Joomlack Page Builder) and CVE-2026-48908 (JoomShaper SP Page Builder). Federal due date: 2026-07-10.
This is the second Langflow entry on KEV in two weeks — a separate Langflow code-execution flaw was the initial-access vector in Sysdig’s JADEPUFFER ransomware writeup covered earlier this month.
What to do
Upgrade to Langflow 1.9.1. If a same-week upgrade is not possible, restrict /api/v1/responses at the ingress and audit the last 30 days of flow-execution logs for cross-user activity — see the article writeup for the full priority order across the three July 7 KEV adds.
NVD’s canonical record: CVE-2026-55255.