HomeCVE Intelligence › CVE-2026-5027
CVSS 8.0 HIGH 🔴 ACTIVELY EXPLOITED Security Vulnerability

CVE-2026-5027: Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE

A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCh…

8.0CVSS Score
HIGHSeverity
NOCISA KEV
Security VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-5027
VendorThe Hacker News
Affected ProductThreat Intelligence
Vulnerability TypeSecurity Vulnerability
CVSS Score8.0 (HIGH)
Actively Exploited✅ Yes
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via thehackernews)

🔬 Technical Analysis

A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability in question is CVE-2026-5027 (CVSS score: 8.8), a case of path traversal that could allow an attacker to write files to arbitrary locations. "The 'POST /

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-5027 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence