Home > Vulnerability Database > CVE-2025-34291

Mend.io Vulnerability Database

CVE-2025-34291

Good to know:

Date: December 5, 2025

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. An attacker-controlled origin can therefore obtain fresh access_token / refresh_token pairs for a victim session. Obtained tokens permit access to authenticated endpoints — including built-in code-execution functionality — allowing the attacker to execute arbitrary code and achieve full system compromise.

Severity Score

8.6

Related Resources (5)

Url: https://www.vulncheck.com/advisories/langflow-cors-misconfiguration-to-token-hijack-and-rce

Url: https://www.obsidiansecurity.com/blog/cve-2025-34291-critical-account-takeover-and-rce-vulnerability-in-the-langflow-ai-agent-workflow-platform

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-34291

Url: https://github.com/langflow-ai/langflow

Url: https://www.mend.io/vulnerability-database/CVE-2025-34291

Severity Score

8.6

Weakness Type (CWE)

Origin Validation Error

CWE-346

CVSS v3.1

Base Score:	8.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-34291

Good to know:

Date: December 5, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?