Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

CVE-2026-33017

Critical Langflow RCE CVE-2026-33017 Exploited Within 20 Hours of Disclosure

News, Research, Vulnerabilities

March 21, 2026

A critical unauthenticated RCE in Langflow, CVE-2026-33017 (CVSS 9.3), was disclosed on March 17, 2026 and exploited within 20 hours. Users should apply patches, rotate secrets and restrict network access to public instances.

About
Editorial Policy
Privacy
Contact