Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
Cavern agents were observed in the wild using DLL sideloading, NativeAOT modules, AppDomain unloading, and low VirusTotal ...
这是一个每天同步Vulnerability-Wiki中docs-base中内容的项目. Contribute to J1ezds/Vulnerability-Wiki-page development by creating an account on GitHub.
Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs, some over 20 years old, have now been patched. Open-source databases are ...
In early 2025, CISA added CVE-2025-3248 to their Known Exploited Vulnerabilities catalog. It was an unauthenticated remote code execution bug in Langflow, the popular open-source AI workflow builder ...
Database and related services provider DataStax is acquiring Logspace, creator of the open source package Langflow, for an undisclosed sum, in order to help developers build generative AI applications ...
Microsoft has decided to pull back support for Transport Layer Security versions 1.0 and 1.1 in upcoming Windows rollouts. Microsoft has decided to disallow Transport Layer Security (TLS) versions 1.0 ...