Langflow AI orchestration platform vulnerability remains under active exploitation months after patch release

According to CSO Online, enterprises deploying the Langflow AI orchestration platform face a critical path traversal vulnerability in file upload functionality that enables arbitrary file writes through improper filename handling. The flaw has remained under active exploitation despite patches being available for over two months, leaving deployments with unpatched systems exposed to remote code execution attacks.