Attacker Impact
GitHub Advisory Database describes CVE-2025-34291 as a Langflow CORS issue where an authenticated user's browser can make credentialed cross-origin requests to an affected Langflow instance [S1]. In the vulnerable conditions, a malicious site visited by a signed-in user may be able to reach authenticated Langflow API behavior, including token-refresh behavior and API actions that can expose sensitive workspace capabilities [S1]. NVD maps the issue to CWE-346 and records critical/high scoring for the advisory, while CISA lists the CVE in the Known Exploited Vulnerabilities catalog [S2][S3].
Affected Configurations
The affected range is Langflow 1.6.9 and earlier, with Langflow 1.7.0 listed as the fixed release [S1]. The risk is highest when Langflow is reachable from a user's browser, the API reflects untrusted origins, credentials are allowed in CORS responses, and users keep active authenticated sessions. Public exposure, reverse-proxy CORS overrides, and stored AI/API credentials can increase the operational impact [S1][S2].
Concrete Fixes
- Upgrade Langflow to 1.7.0 or newer, then restart the running service, worker, container, or package that actually serves traffic [S1].
- Configure Langflow and any reverse proxy with an explicit trusted-origin CORS allowlist. Do not reflect arbitrary Origin values while Access-Control-Allow-Credentials is true [S1].
- Keep Langflow behind authentication, VPN, SSO, or trusted-network access unless public exposure is explicitly required and reviewed [S2].
- Review sessions, tokens, workspace secrets, and access logs if an affected instance was reachable from untrusted networks [S3].
Covered by FixVibe
FixVibe verified active scans can report this issue when a verified target exposes target-specific Langflow version/fingerprint evidence for an affected release and a benign API CORS probe reflects a FixVibe test origin while allowing credentials. The check is bounded to HTTP headers and version/fingerprint evidence: it does not authenticate to Langflow, read tokens, trigger a browser refresh-token flow, verify a SameSite=None refresh cookie, submit state-changing API requests, execute code, or prove account takeover/RCE. Findings include source quality, affected and fixed versions, observed CORS headers, and remediation guidance [S1][S2][S3].
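The two patterns above, an explicit trusted-origin allowlist on the server side (Concrete Fixes) and a header-only check for a reflected origin with credentials allowed (the bounded probe described here), as an added Python example. This is not Langflow's or FixVibe's code; the allowlist entries, probe origin and response headers are constructed for illustration.

```python
"""Added example, not Langflow's or FixVibe's own code.

Part 1: a server-side CORS handler that only echoes an Origin that is on an
explicit allowlist (the fix pattern).
Part 2: a header-only check that flags the weak pattern: the probe's Origin
is reflected while Access-Control-Allow-Credentials is true. It inspects
response headers only; it does not authenticate or change any state.
All origins and header values below are constructed.
"""
from typing import Dict, Optional

# Constructed allowlist: only the origins that legitimately host the UI.
TRUSTED_ORIGINS = {
    "https://langflow.example.internal",
    "https://app.example.internal",
}


def cors_headers_for(request_origin: Optional[str],
                     allowlist=TRUSTED_ORIGINS) -> Dict[str, str]:
    """Return the CORS response headers for a request carrying `request_origin`.

    Unknown or missing origins get no CORS headers at all, so the browser
    refuses the cross-origin read. An allowlisted origin is echoed with
    credentials enabled, plus `Vary: Origin` so a shared cache never serves
    one origin's Access-Control-Allow-Origin value to another.
    """
    if request_origin is None or request_origin not in allowlist:
        return {}
    return {
        "Access-Control-Allow-Origin": request_origin,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",
    }


def reflects_untrusted_origin_with_credentials(
        test_origin: str, response_headers: Dict[str, str]) -> bool:
    """True when the response echoes `test_origin` exactly and also sends
    Access-Control-Allow-Credentials: true.

    A wildcard "*" together with credentials is deliberately NOT flagged:
    browsers reject that combination, so it does not permit a credentialed
    cross-origin read (it is still sloppy, but it is a different finding).
    Header names are compared case-insensitively.
    """
    lowered = {k.lower(): v.strip() for k, v in response_headers.items()}
    acao = lowered.get("access-control-allow-origin", "")
    acac = lowered.get("access-control-allow-credentials", "").lower()
    return acac == "true" and acao == test_origin


# Constructed headers in the shape of a reflecting, credentialed response.
PROBE_ORIGIN = "https://probe.example"
WEAK_RESPONSE = {
    "Access-Control-Allow-Origin": PROBE_ORIGIN,   # echoes whatever was sent
    "Access-Control-Allow-Credentials": "true",
    "Content-Type": "application/json",
}

if __name__ == "__main__":
    print("weak response flagged:",
          reflects_untrusted_origin_with_credentials(PROBE_ORIGIN, WEAK_RESPONSE))
    print("allowlisted handler flagged:",
          reflects_untrusted_origin_with_credentials(
              PROBE_ORIGIN, cors_headers_for(PROBE_ORIGIN)))
```

The check mirrors the boundary stated above: it only reasons about the Access-Control-Allow-Origin and Access-Control-Allow-Credentials headers of a single response, and the same allowlist logic applies to a reverse proxy that rewrites CORS headers in front of Langflow.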
