Cybersecurity experts have raised alarms over a newly identified campaign that is actively exploiting a critical security flaw in the Langflow framework to deploy the Flodrix botnet malware. According to a report from Trend Micro, threat actors are leveraging CVE-2025-3248, a vulnerability with a CVSS score of 9.8 (critical), to execute downloader scripts on compromised Langflow servers.
The vulnerability is rooted in a missing authentication issue within Langflow, a Python-based visual framework for building artificial intelligence applications. Researchers from Trend Micro, including Aliakbar Zahravi and Ahmed Mohamed Ibrahim, emphasized that the flaw enables unauthenticated attackers to execute arbitrary code through specially crafted HTTP requests. This vulnerability was patched in March 2025 with the release of version 1.3.0 of Langflow.
As of last month, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) noted that this critical flaw is being exploited in real-world scenarios, as highlighted by reports from the SANS Technology Institute, which detected exploit attempts against its honeypot servers. Trend Micro’s latest findings indicate that cybercriminals are targeting unpatched Langflow instances that are exposed to the internet, utilizing publicly available proof-of-concept (PoC) code to conduct reconnaissance and deploy scripts that fetch the Flodrix botnet malware.
Once installed, the Flodrix botnet communicates with a remote server to launch Distributed Denial-of-Service (DDoS) attacks against targeted IP addresses. Notably, the botnet can also connect over the Tor network, enhancing its anonymity. Researchers highlighted that the lack of input validation and sandboxing in Langflow allows the botnet’s payloads to execute within the server’s context, raising significant security concerns.
Moreover, evidence suggests that the threat actors are actively refining their operations. Trend Micro’s observations revealed that different downloader scripts are being hosted on the same server, indicating ongoing development of this malicious campaign. Flodrix is believed to be an advanced iteration of a previous botnet known as LeetHozer, incorporating improved stealth capabilities and new types of DDoS attacks, with the attack types now encrypted to further complicate detection efforts.
In light of these developments, cybersecurity professionals stress the importance of applying necessary patches and maintaining vigilance to defend against the evolving threats posed by such botnets.
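The report's concrete remediation point is the version boundary: Langflow releases before 1.3.0 are affected, and internet-exposed unpatched instances are the ones being targeted. The following is an added example (not code from Trend Micro, Langflow, or the report) of how a defender might triage an asset inventory against that boundary. It assumes versions are reported as dotted numeric strings with an optional `v` prefix or pre-release suffix; the hostnames and versions in `SAMPLE_INVENTORY` are constructed, and the fixed version 1.3.0 comes from the report.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Langflow 1.3.0 is the release the report names as carrying the fix for CVE-2025-3248.
FIXED_VERSION: Tuple[int, int, int] = (1, 3, 0)

# Accepts "1.2.0", "v1.2.0", "1.3.0rc1"; the trailing group captures any pre-release suffix.
_VER_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)(.*?)\s*$")


def parse_version(text: str) -> Optional[Tuple[Tuple[int, int, int], str]]:
    """Split a version string into ((major, minor, patch), suffix); None if unparseable."""
    m = _VER_RE.match(text or "")
    if not m:
        return None
    nums = tuple(int(g) for g in m.groups()[:3])
    return nums, m.group(4)


def is_vulnerable_version(text: str) -> Optional[bool]:
    """True if the version predates 1.3.0, False if it is 1.3.0 or later.

    Returns None when the string cannot be parsed or carries a pre-release
    suffix (e.g. "1.3.0rc1"), since a pre-release may not contain the fix.
    Tuple comparison avoids the string-compare trap where "1.10.0" < "1.3.0".
    """
    parsed = parse_version(text)
    if parsed is None:
        return None
    nums, suffix = parsed
    if suffix:
        return None
    return nums < FIXED_VERSION


@dataclass
class Instance:
    host: str
    version: str
    internet_exposed: bool


def triage(instances: List[Instance]) -> dict:
    """Bucket instances by urgency; internet-exposed unpatched servers come first."""
    buckets = {"urgent": [], "patch": [], "review": [], "ok": []}
    for inst in instances:
        vuln = is_vulnerable_version(inst.version)
        if vuln is None:
            buckets["review"].append(inst.host)      # unknown or pre-release: check by hand
        elif vuln and inst.internet_exposed:
            buckets["urgent"].append(inst.host)      # matches the targeted population
        elif vuln:
            buckets["patch"].append(inst.host)       # vulnerable but not directly reachable
        else:
            buckets["ok"].append(inst.host)
    return buckets


# Constructed sample inventory (hypothetical hosts and versions, not from the report).
SAMPLE_INVENTORY = [
    Instance("lf-prod-01.example.internal", "1.2.0", True),
    Instance("lf-prod-02.example.internal", "1.3.0", True),
    Instance("lf-dev-01.example.internal", "v1.1.4", False),
    Instance("lf-lab-01.example.internal", "1.3.0rc1", True),
    Instance("lf-old-01.example.internal", "unknown", False),
    Instance("lf-new-01.example.internal", "1.10.0", True),
]

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket:>7}: {', '.join(hosts) or '-'}")
```

Instances whose version cannot be determined are deliberately routed to a review bucket rather than silently treated as patched; an inventory gap is itself a finding when the affected population is being actively scanned.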