Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. [...]
Path traversal flaw in AI dev platform Langflow exploited in attacks
Summary + source link. No paywalls, no tracking.