Company:
Date Published:
Author: Nigel Douglas
Word count: 810
Language: English
Hacker News points: None

Summary

Langflow, a visual framework for building AI applications, has a critical unauthenticated remote code execution (RCE) vulnerability, CVE-2025-3248, affecting versions prior to 1.3.0. Researchers at Trend Micro discovered that attackers can exploit this vulnerability by sending specially crafted POST requests to the /api/v1/validate/code endpoint, allowing arbitrary code execution. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-3248 to its Known Exploited Vulnerabilities catalog, indicating confirmed exploitation in the wild. Cloudsmith Enterprise Policy Management can help quarantine affected packages by detecting vulnerable versions with a CVSS score above 6 and addressing them before they reach production environments. Users can check whether they are affected by searching for publicly exposed Langflow servers with tools like Shodan or with GitHub Search queries. Attackers exploit the vulnerability with public proof-of-concept code to gain remote shell access, run bash commands, install malware, and launch DDoS attacks. The case highlights the importance of auditing and securing everything that comes from public upstreams, such as PyPI packages, using upstream proxying and caching.
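A local audit for the affected range, as an added example that is not code from the original post or from Cloudsmith: it scans a pip requirements file for `langflow` pins prior to 1.3.0. It assumes pip-style requirement lines; the sample file, the `[demo]` extra, and all function names are constructed for illustration.

```python
import re

FIXED = (1, 3, 0)  # per the summary: versions prior to 1.3.0 are affected
NAME_RE = re.compile(r"^([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*(.*)$")
PIN_RE = re.compile(r"^===?\s*(\d+(?:\.\d+)*)((?:a|b|rc|\.?dev)\d*)?")

# Constructed requirements file; the "[demo]" extra is a made-up name.
SAMPLE = """\
# constructed requirements file for illustration
requests==2.32.3
langflow==1.2.0
Langflow[demo] == 1.3.0rc1  # pre-release of the fixed version
langflow>=1.0
"""

def normalize(name):
    # PEP 503 normalization: case-insensitive, runs of "-", "_", "." become "-"
    return re.sub(r"[-_.]+", "-", name).lower()

def is_prior_to_fix(release, pre):
    nums = tuple(int(part) for part in release.split("."))
    nums += (0,) * (3 - len(nums))
    # Assumption: a pre-release of X sorts before X (PEP 440 ordering),
    # so 1.3.0rc1 is treated as prior to 1.3.0.
    return (nums, 0 if pre else 1) < (FIXED, 1)

def audit(requirements_text):
    """Return (line_number, requirement, status) for each langflow entry that
    is pinned below the fixed version or not pinned to an exact version."""
    findings = []
    for lineno, raw in enumerate(requirements_text.splitlines(), 1):
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line or line.startswith("-"):  # blank, comment, or pip option
            continue
        m = NAME_RE.match(line)
        if not m or normalize(m.group(1)) != "langflow":
            continue
        pin = PIN_RE.match(m.group(2))
        if pin is None:
            # A range such as >=1.0 can still resolve to an affected release.
            findings.append((lineno, line, "unpinned"))
        elif is_prior_to_fix(pin.group(1), pin.group(2)):
            findings.append((lineno, line, "vulnerable"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Entries reported as "unpinned" need their resolved version checked in the lock file or the installed environment.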