SCA: security update for langflow (GHSA-5993-7p27-66g5)

medium Tenable Cloud Security Plugin ID 436446

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0,
Langflow provides an API Request component that can issue arbitrary HTTP requests within a flow. This
component takes a user-supplied URL, performs only normalization and basic format checks, and then sends
the request using a server-side httpx client. It does not block private IP ranges (127[.]0[.]0[.]1, the
10/172/192 ranges) or cloud metadata endpoints (169[.]254[.]169[.]254), and it returns the response body
as the result. Because the flow execution endpoints (/api/v1/run, /api/v1/run/advanced) can be invoked
with just an API key, if an attacker can control the API Request URL in a flow, non-blind SSRF is
possible—accessing internal resources from the server’s network context. This enables requests to, and
collection of responses from, internal administrative endpoints, metadata services, and internal
databases/services, leading to information disclosure and providing a foothold for further attacks.
Version 1.7.0 contains a patch for this issue. (CVE-2025-68477)

See Also

https://github.com/advisories/GHSA-5993-7p27-66g5

Plugin Details

Severity: Medium

ID: 436446

Version: Revision 1.7

Type: Local

Family: SCA Checks

Published: 12/20/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.73

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N

CVSS Score Source: CVE-2025-68477

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/19/2025

Vulnerability Publication Date: 12/19/2025

Reference Information

CVE: CVE-2025-68477

cwe: CWE-918