{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6598", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-19T13:47:03.207Z", "datePublished": "2026-04-20T02:45:15.874Z", "dateUpdated": "2026-04-20T02:45:15.874Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-20T02:45:15.874Z"}, "title": "langflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in file", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-313", "lang": "en", "description": "Cleartext Storage in a File or on Disk"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-312", "lang": "en", "description": "Cleartext Storage of Sensitive Information"}]}], "affected": [{"vendor": "langflow-ai", "product": "langflow", "versions": [{"version": "1.8.0", "status": "affected"}, {"version": "1.8.1", "status": "affected"}, {"version": "1.8.2", "status": "affected"}, {"version": "1.8.3", "status": "affected"}], "cpes": ["cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:*"], "modules": ["Project Creation Endpoint"]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument auth_settings leads to cleartext storage in a file or on disk. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-19T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-19T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-19T15:52:22.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Eric-f (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/358233", "name": "VDB-358233 | langflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in file", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/358233/cti", "name": "VDB-358233 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/791921", "name": "Submit #791921 | Langflow <= 1.8.3 CWE-311: Missing Encryption of Sensitive Data", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/chenhouser2025/77adb3486c06c635ae4b09a3eaf90213", "tags": ["exploit"]}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument auth_settings leads to cleartext storage in a file or on disk. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-6598", "lastModified": "2026-04-20T04:16:52.857", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-20T04:16:52.857", "references": [{"source": "cna@vuldb.com", "url": "https://gist.github.com/chenhouser2025/77adb3486c06c635ae4b09a3eaf90213"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/791921"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358233"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358233/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-312"}, {"lang": "en", "value": "CWE-313"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T05:25:29.088558+00:00", "value": {"mitigation_remediation": ["Apply a fixed release of Langflow when available or remove the vulnerable create_project/encrypt_auth_settings function.", "Restrict access to the Project Creation Endpoint, limiting it to trusted users or IP addresses, and enforce authentication before processing project creation requests.", "Ensure that any authentication settings are stored using secure encryption mechanisms or a secrets manager, and modify the code to prevent cleartext writes to disk."], "summary": {"action": "Assess Impact", "impact": "Confidentiality compromise (cleartext storage of authentication settings)"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the langflow\u2011ai Langflow application versions up to 1.8.3. This includes the Project Creation Endpoint that writes authentication settings to disk in cleartext.", "description_and_impact": "The vulnerability lies in the create_project/encrypt_auth_settings function of the Project Creation Endpoint, which writes authentication settings directly to a file on disk in cleartext. This results in cleartext storage of potentially sensitive credentials, exposing them to anyone with read access to the file system. The weakness is identified as CWE\u2011312 (Cleartext Storage of Sensitive Information) and CWE\u2011313 (Insecure Encryption). An attacker who obtains the authentication settings can gain unauthorized access to services the credentials protect, thereby compromising confidentiality and possibly enabling further attacks such as privilege escalation.\nThe affected product is langflow\u2011ai's Langflow platform, with versions up to and including 1.8.3. The flaw resides specifically in src/backend/base/Langflow/api/v1/projects.py and impacts the Project Creation Endpoint provided by the API.\nThe risk is moderate, reflected by a CVSS score of 5.3. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. The attack can be launched remotely against the API, and the exploit has been publicly disclosed. While no automated exploitation package is reported, the cleartext storage provides a straightforward method for an attacker to retrieve credentials once they have any level of access to the system\u2019s filesystem or the running application\u2019s environment.", "risk_and_exploitability": "The CVSS score of 5.3 indicates a medium severity. The EPSS score is not available, and the vulnerability is not in the CISA KEV list. Attackers can exploit the flaw remotely by triggering the Project Creation Endpoint with manipulated auth_settings, causing the application to persist sensitive data in cleartext. Because the flaw lies in the backend code and the attack surface is the exposed API, the likelihood of exploitation depends on the exposure of the API to untrusted users and the presence of any authentication controls around it."}}}}, "created": "2026-04-20T05:30:44.131271+00:00", "updated": "2026-04-20T05:30:44.131281+00:00", "vendors": []}