{"vulnerability": "cve-2026-5027", "sightings": [{"uuid": "0ead8fe4-329d-4812-b4b2-20ba91ba2529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mi37wax65s27", "content": "", "creation_timestamp": "2026-03-27T23:00:43.877720Z"}, {"uuid": "0dcbd80f-75d1-4480-9084-4ccf3f8d5102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116302518672297608", "content": "", "creation_timestamp": "2026-03-27T18:20:00.459591Z"}, {"uuid": "c95eca6e-8c31-4cea-996d-31906ed717e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mi3a7ggw5g2p", "content": "", "creation_timestamp": "2026-03-27T23:05:51.664647Z"}, {"uuid": "37464c46-31c8-449c-a617-b132f10269fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/s6a33mDrs3hh09uIAjQW8DorcIr1-yJ_HPhw8gyLF28vTKM", "content": "", "creation_timestamp": "2026-04-03T11:00:12.000000Z"}, {"uuid": "e3372b29-40ed-4f25-a8a7-e9ebed092d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mizwlisaa62l", "content": "", "creation_timestamp": "2026-04-09T04:06:10.931819Z"}, {"uuid": "bba5a392-5468-46d0-b748-71829dc43662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/78441", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-5027\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a yahiahamza\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-02 10:49:33\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-5027 - Langflow Path Traversal to Remote Code Execution (CVSS 8.8)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-02T11:00:04.000000Z"}, {"uuid": "40f55531-dfd4-4d7e-a770-8380bca11142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/fggUxSZ91PhRQG8cFeDPjLDOfmrqN_z7qBGoCgdZvWC0z40", "content": "", "creation_timestamp": "2026-04-02T15:00:09.000000Z"}, {"uuid": "811a78be-4d10-40c3-be4a-4bc459b84b4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/78608", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-5027\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a EQSTLab\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-03 10:35:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nLangflow, Remote Code Execution (RCE) via Cron Job Injection through Path Traversal (CVE-2026-5027)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-03T11:00:04.000000Z"}, {"uuid": "e3c0360d-f078-4fca-bb0b-d90670a277e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/78586", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-5027\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a min8282\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-03 09:49:29\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nLangflow, Remote Code Execution (RCE) via Cron Job Injection through Path Traversal (CVE-2026-5027)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-03T10:00:04.000000Z"}, {"uuid": "3bcdf7e0-fbf2-4aa6-9543-82ca985702ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://t.me/GithubRedTeam/78649", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-5027\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xBlackash\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-03 16:56:30\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-5027\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-03T17:00:04.000000Z"}, {"uuid": "c824851a-07cc-4992-9fd5-0509d63b8da0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-5027.yaml", "content": "", "creation_timestamp": "2026-06-09T19:01:02.000000Z"}, {"uuid": "5c52b84d-86e4-4c8f-8f7a-b38b489c8d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/PYoXNzyZrYaKFbj-BEEJp3q5SxJy9E0IbGus7zdCQfw4dWs", "content": "", "creation_timestamp": "2026-04-03T15:00:07.000000Z"}, {"uuid": "f9870780-6b8d-4141-9e8a-e6d3560eb82e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/TImB4WLg9m4sLGXOfrFfePfJsw5eV9JDphaGTzdqtpQzKI4", "content": "", "creation_timestamp": "2026-04-03T21:00:05.000000Z"}, {"uuid": "17f7e1f9-02ca-430c-a0a5-9f61ed3c826f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "published-proof-of-concept", "source": "Telegram/kHfLfkapUcGKUVgufiQubA_bscQ_MrKjcom26lkyfAO4Fyc", "content": "", "creation_timestamp": "2026-03-27T17:23:12.000000Z"}, {"uuid": "03774d07-ff46-40f5-b0ce-9e08cc27a3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnx72hpe2c2e", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE\n\nthehackernews.com/2026/06/unpa...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-06-10T17:05:43.536288Z"}, {"uuid": "6a8ee72a-d522-4d0a-ba9d-725d3c89da8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/cerberusit.bsky.social/post/3mnxajnm65c26", "content": "The high-severity unpatched flaw CVE-2026-5027 in Langflow is currently being actively exploited, because of course it is. This mess directly affects developers using this low-code AI platform, allowing attackers to run remote code without even needing to ask for a password. Prot...\n\nRead full story", "creation_timestamp": "2026-06-10T17:32:06.888207Z"}, {"uuid": "2deabc06-83cf-4897-ad99-6db9f4d03b3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnxscwpjnn2t", "content": "\ud83d\udea8 ACTIVE EXPLOIT: AI Platform Langflow Under Attack\n\nCVE-2026-5027 | CVSS 9.8 | Path Traversal\n\n\ud83d\udccb WHAT IT IS:\nAttackers are actively exploiting a critical path traversal vulnerability in Langflow \u2014 a popular open-source AI development platform. The flaw allows unauthenticated attackers to read arbit", "creation_timestamp": "2026-06-10T22:50:26.958422Z"}, {"uuid": "20d2f83f-2ee6-486d-8c8f-8712c29288bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnxp2mw4qd2v", "content": "Silent Intrusion in AI Systems: CVE-2026-5027 Turns Langflow Into a Live Exploitation Battlefield +\u00a0Video\n\n\ud83e\udde0 Introduction: When AI Builders Become Attack Targets The rapid expansion of AI development platforms has created powerful tools for engineers, but it has also opened dangerous doors for\u2026", "creation_timestamp": "2026-06-10T21:52:08.282230Z"}, {"uuid": "e7a61a72-9744-4439-96d9-da9f88768426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mnxqdu2lzq42", "content": "Path traversal flaw in AI dev platform Langflow exploited in attacks BleepingComputer Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI develop...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-10T22:15:32.344133Z"}, {"uuid": "9ee564f6-f98a-43aa-852e-d8dc58253a89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mnxrbtbe4r23", "content": "\ud83d\udea8 Breaking: Path traversal flaw in AI dev platform Langflow exploited in attacks\nAttackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers\u2026\n\n\ud83d\udd17 https://hnow.live/a/dc898656", "creation_timestamp": "2026-06-10T22:31:56.655827Z"}, {"uuid": "aca30a44-b5e6-4969-8858-413b38c5f5cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnx2p444fd2m", "content": "CVE-2026-5027 in Langflow enables unauthenticated path traversal to write arbitrary files, with active exploitation in the wild and potential remote code execution.\n", "creation_timestamp": "2026-06-10T15:47:46.186688Z"}, {"uuid": "c81a1383-68d4-4d74-9aad-cabcb77c4102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://thehackernews.com/2026/06/unpatched-langflow-flaw-cve-2026-5027.html", "content": "A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCheck.\n\nThe vulnerability in question is CVE-2026-5027 (CVSS score: 8.8), a case of path traversal that could allow an attacker to write files to arbitrary locations.\n\n\"The 'POST /", "creation_timestamp": "2026-06-10T13:00:59.000000Z"}, {"uuid": "8580ca29-d5f8-4bc8-acba-5245941cc5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3mnxnij22en2v", "content": "Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers.", "creation_timestamp": "2026-06-10T21:24:05.769627Z"}, {"uuid": "8d1515e5-4640-403d-b32f-cf4faa8b3184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnxo6cc5fo25", "content": "AI\u30a2\u30d7\u30ea\u958b\u767a\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u300cLangflow\u300d\u306e\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\u3001\u5b9f\u653b\u6483\u3067\u306e\u60aa\u7528\u3092\u78ba\u8a8d\n\n\u653b\u6483\u8005\u304c\u73fe\u5728\u3001AI\u30a2\u30d7\u30ea\u958b\u767a\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u300cLangflow\u300d\u306b\u5b58\u5728\u3059\u308b\u6df1\u523b\u306a\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\u300cCVE-2026-5027\u300d\u3092\u7a4d\u6975\u7684\u306b\u60aa\u7528\u3057\u3066\u304a\u308a\u3001\u516c\u958b\u3055\u308c\u3066\u3044\u308b\u30b5\u30fc\u30d0\u30fc\u4e0a\u306b\u4efb\u610f\u306e\u30d5\u30a1\u30a4\u30eb\u3092\u66f8\u304d\u8fbc\u3080\u653b\u6483\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u307e\u3059\u3002 Langflow\u306f\u3001AI\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30fbAI\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u30fbRAG\uff08Retrieval", "creation_timestamp": "2026-06-10T21:36:16.265868Z"}, {"uuid": "937cb41e-8f41-4aa8-9a91-edb3e8caf973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnxx2gtbwj2n", "content": "Attackers are exploiting CVE-2026-5027 in Langflow, using a path traversal flaw in /api/v2/files to write arbitrary files on exposed servers. The default unauthenticated auto-login makes access easier. #Langflow #CVE20265027 #Tenable", "creation_timestamp": "2026-06-11T00:15:11.621284Z"}, {"uuid": "9c812681-f676-4060-8912-e887e0b777ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnxxvdpc3r2r", "content": "Unpatched Langflow CVE-2026-5027 is being exploited for unauthenticated RCE via path traversal in /api/v2/files, allowing arbitrary file writes on exposed instances. #Langflow #CVE20265027 #RCE", "creation_timestamp": "2026-06-11T00:30:14.177802Z"}, {"uuid": "da0e7f6d-d8d3-4f3a-899f-cf615c77350c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mnxyfg3zaw23", "content": "\u30d1\u30c3\u30c1\u672a\u9069\u7528\u306eLangflow\u306e\u8106\u5f31\u6027CVE-2026-5027\u304c\u60aa\u7528\u3055\u308c\u3001\u8a8d\u8a3c\u306a\u3057\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b \n\nUnpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE  #HackerNews (Jun 10)\n\nthehackernews.com/2026/06/unpa...", "creation_timestamp": "2026-06-11T00:39:12.886228Z"}, {"uuid": "13738f27-0d9b-4bf9-b949-33dc5b3d0833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnxrnduhwl23", "content": "\ud83d\udea8 CRITICAL ALERT: N/A\n\nCVSS 9.0/10\n\n\ud83d\udccb WHAT IT IS:\nAttackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. [...]\n\n\ud83c\udfaf WHO'S AFFECTED:\n  \u2022 See NVD for affected products\n\n\u2694\ufe0f HOW IT'", "creation_timestamp": "2026-06-10T22:38:22.354690Z"}, {"uuid": "3d255c37-c768-498a-8494-b89bd07800aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/reconbee.bsky.social/post/3mnyo2lj5rk2j", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE reconbee.com/unpatched-la...\n\n#Langflow #RCE #cybersecurity #cyberattack", "creation_timestamp": "2026-06-11T07:06:55.411406Z"}, {"uuid": "ae7ebf2f-e68e-4602-9176-202e16407e0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5027", "type": "seen", "source": "https://bsky.app/profile/blindthoughts.bsky.social/post/3mnyelsu6qd2w", "content": "Langflow CVE-2026-5027 Actively Exploited \u2014 Patch or Take Offline Now\n\nhttps://blindthoughts.com/langflow-cve-2026-5027-path-traversal-exploited\n\n#vulnerability #aitooling #cve #pathtraversal #patchnow", "creation_timestamp": "2026-06-11T04:17:32.291632Z"}, {"uuid": "a312f765-e71b-4e4b-9720-36c4539f8f48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnyftumeqn2g", "content": "Exploiting the Invisible Gaps: Langflow CVE-2026-5027 Abuse and the Rise of Real-Time Payment Skimming Attacks in Modern Cybercrime +\u00a0Video\n\nEmotional Introduction: When Simple Oversights Become Massive Digital Breaks The cybersecurity landscape in 2026 is showing a dangerous pattern where small\u2026", "creation_timestamp": "2026-06-11T04:39:56.387692Z"}, {"uuid": "a08286d7-8785-4e73-b7ca-0dad8d47d08c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mnysiv5jq32k", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-06-11T08:26:26.895986Z"}, {"uuid": "035a7a3f-3242-4d22-8804-0efb3176baa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5027", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mnydhaqus22e", "content": "\ud83d\udcf0 Celah Keamanan Path Traversal pada Platform AI Langflow Aktif Dieksploitasi\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/11/celah-path-traversal-langflow-aktif-dieksploitasi/\n\n#aiPlatform #artificialIntelligence #celahKeamanan #cloudServer #cve-2026-5027 #cyberSecurity #hac", "creation_timestamp": "2026-06-11T03:57:05.336305Z"}, {"uuid": "7315a8fa-da20-4ecc-9a3e-f357e893e5bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5027", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mnyyvpokkc2l", "content": "CVE watch: Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated...\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: thehackernews.com\nhttps://thehackernews.com/2026/06/unpatched-langflow-flaw-cve-2026-5027.html", "creation_timestamp": "2026-06-11T10:20:59.185937Z"}, {"uuid": "b15abdbf-b4ab-4fe6-ae2f-1232b01a9c50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mnzco5i6c326", "content": "A high-severity path traversal flaw in the AI dev platform Langflow (CVE-2026-5027) is being actively exploited, leading to RCE. With 7,000 instances exposed, this recurring issue demands immediate attention beyond just patching.\n\nhttps://www.tpp.blog/2kygg8e\n\n#cybersecurity #langflow #cve20265027", "creation_timestamp": "2026-06-11T13:15:43.084938Z"}, {"uuid": "a61cc8d2-c593-46e8-aafa-213d482ad524", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnz6j4plxg2t", "content": "\u30cf\u30c3\u30ab\u30fc\u304cLangflow\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3066\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\n\nVulnCheck\u306b\u3088\u308b\u3068\u3001\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u304c\u4eba\u6c17\u306e\u30ed\u30fc\u30b3\u30fc\u30c9AI\u958b\u767a\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0Langflow\u306b\u5b58\u5728\u3059\u308b\u6df1\u523b\u306a\u8106\u5f31\u6027\u306e\u60aa\u7528\u3092\u958b\u59cb\u3057\u3066\u3044\u307e\u3059\u3002 CVE-2026-5027\uff08CVSS\u30b9\u30b3\u30a28.8\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308b\u3053\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4e0a\u306e\u6b20\u9665\u306f\u3001\u653b\u6483\u8005\u304c\u30b7\u30b9\u30c6\u30e0\u4e0a\u306e\u4efb\u610f\u306e\u5834\u6240\u306b\u30d5\u30a1\u30a4\u30eb\u3092\u66f8\u304d\u8fbc\u3081\u308b\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u306e\u554f\u984c", "creation_timestamp": "2026-06-11T12:01:19.237192Z"}, {"uuid": "88980d31-2d40-4f43-abea-487e11c4552f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnz6kooxr22n", "content": "Threat actors exploit CVE-2026-5027 in Langflow to write arbitrary files via path traversal, enabling unauthenticated remote code execution on exposed instances.\n", "creation_timestamp": "2026-06-11T12:02:11.733412Z"}, {"uuid": "3f158c86-169d-4406-81ed-e96ac1121b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnz7lx4s4726", "content": "Langflow CVE-2026-5027: The Silent Path Traversal Crisis Turning AI Builders Into Open Targets +\u00a0Video\n\nIntroduction: When AI Low-Code Becomes a High-Risk Gateway A quiet but dangerous shift is unfolding inside modern AI infrastructure. Langflow, a popular open-source low-code platform used to\u2026", "creation_timestamp": "2026-06-11T12:20:48.897080Z"}, {"uuid": "a3ba7e05-30bc-4e15-b731-b5a7840b92e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnzgtcv4ee2r", "content": "Hackers are exploiting CVE-2026-5027 in Langflow, a path traversal flaw in /api/v2/files that can allow file writes and possible remote code execution. Thousands of exposed instances may be at risk. #Langflow #CVE2026_5027 #RCE", "creation_timestamp": "2026-06-11T14:30:11.759137Z"}, {"uuid": "f687e73d-9359-4ba9-9ffd-306276168306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnzq2zq6mm2b", "content": "Critical Langflow flaw (CVE-2026-5027) enables remote code execution via file upload path-traversal. #Langflow #CVE20265027 #CyberSecurity #RemoteCodeExecution #Vulnerability #InfoSec thedailytechfeed.com/critical-lan...", "creation_timestamp": "2026-06-11T17:15:34.309070Z"}, {"uuid": "43ad902a-b9c4-47c3-906f-5a6cd7d37add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/theitnerd.ca/post/3mnzmnleith2c", "content": "Threat Actors exploiting High Severity Vulnerability in\u00a0Langflow\n\nThreat actors are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in Langflow, a popular low-code platform for building AI applications....", "creation_timestamp": "2026-06-11T16:14:21.139742Z"}, {"uuid": "496acb72-d3d1-4a6c-9817-c1aa4959ced5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mnzuquhkpk2m", "content": "CVE-2026-5027, Langflow: we've tracked it as a serial unauth-RCE target since March 21 and had six exploiter IPs indexed in April. New PoC June 11 \u2014 Iran's MuddyWater already weaponized one. And CVE-2026-50751, Check Point IKE: we flagged Qilin burning that edge door June 9, PoC June 10.", "creation_timestamp": "2026-06-11T18:39:21.825456Z"}, {"uuid": "91c7404f-6efe-49b7-abaf-e5d13880f3d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnzrmsqlgc2h", "content": "Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE\n\nA high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings \u2026\n#hackernews #news", "creation_timestamp": "2026-06-11T17:43:23.859846Z"}, {"uuid": "f08da765-fec6-4e45-ab2d-c3dd13fb6b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mo2cklxg2s2h", "content": "Path traversal flaw in AI dev platform Langflow exploited in attacks\n\nAttackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. [...]\n#hackernews #news", "creation_timestamp": "2026-06-11T22:46:24.188375Z"}, {"uuid": "0734283f-d82a-43fc-b915-71c04d5ac017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnzz6gbjeh2j", "content": "Langflow's CVE-2026-5027 is under active exploitation. Immediate action is needed to secure systems. #Langflow #CVE20265027 #CyberSecurity #AI #OpenSource #SecurityFlaw thedailytechfeed.com/critical-lan...", "creation_timestamp": "2026-06-11T19:58:31.136002Z"}, {"uuid": "7586e0ce-a86a-4b50-bf0b-188c83438f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnzzaqe4v22y", "content": "Silent Intrusion in the AI Stack: Langflow Exploit CVE-2026-5027 Opens Path to Full Remote Code Execution +\u00a0Video\n\nIntroduction: When AI Development Tools Become the Weakest Link The rapid rise of low-code AI platforms has transformed how organizations build and deploy machine learning\u2026", "creation_timestamp": "2026-06-11T19:59:49.353478Z"}, {"uuid": "6e6f3d36-8f00-4153-826a-491c40650e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5027", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mo2p4bqw6b2l", "content": "Top 3 CVE for last 7 days:\nCVE-2026-35273: 33 interactions\nCVE-2026-11645: 27 interactions\nCVE-2025-10263: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-35273: 33 interactions\nCVE-2026-5027: 14 interactions\nCVE-2026-40992: 7 interactions\n", "creation_timestamp": "2026-06-12T02:31:02.282841Z"}]}