Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)

Jul 08, 2026 - 16:15
Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)

The US Cybersecurity and Infrastructure Security Agency (CISA) is warning about yet another Langflow vulnerability (CVE-2026-55255) leveraged by attackers in the wild. The flaw was added to the agency’s Known Exploited Vulnerabilities catalog on Tuesday, July 7, nearly two weeks after the Sysdig Threat Research Team observed it being actively targeted. CVE-2026-55255 exploited Langflow is an open-source visual framework for building AI agents and workflows, widely used by individual developers, enterprises, and service providers. CVE-2026-55255 … More

The post Attackers using Langflow flaw for credential harvesting (CVE-2026-55255) appeared first on Help Net Security.