CVE-2026-33017: How attackers compromised Langflow AI pipelines in 20 hours

A critical vulnerability, CVE-2026-33017, in Langflow, an open-source AI framework, allowed unauthenticated remote code execution via a public endpoint, resulting in rapid exploitation within 20 hours of its disclosure. Attackers swiftly constructed working exploits based on the advisory, targeting exposed instances to exfiltrate sensitive information like keys and credentials, posing risks to connected databases and the software supply chain. Sysdig Threat Research Team observed the attack unfold in phases, from automated scanning to targeted data harvesting, using both automated tools and custom scripts. This incident highlights the urgent challenge for defenders as the time between vulnerability disclosure and exploitation has drastically shortened, emphasizing the need for runtime detection, network segmentation, and rapid response as traditional patch cycles prove insufficient against such swift threats.