Understanding Langflow CVE-2026-55255, and why higher CVSS vulnerabilities aren't always the most exploited
Blog post from Sysdig
In June 2026, the Sysdig Threat Research Team observed the first active exploitation of the Langflow vulnerability CVE-2026-55255. Despite its higher CVSS score of 9.9, it had not been exploited as widely as its lower-scored counterpart, CVE-2026-33017, which carries a score of 9.3. Langflow, an open-source framework for building AI agents, was targeted by an operator who prioritized the unauthenticated remote code execution (RCE) vulnerability over the cross-tenant insecure direct object reference (IDOR), the kind of effort-to-yield optimization threat actors routinely make. The RCE, which requires only network access, was exploited rapidly and used for attacks such as AWS key theft and malicious deployments. The IDOR, which requires more complex exploitation, was largely ignored even though its higher CVSS score indicates a potentially severe impact in multi-tenant environments. The findings show that CVSS scores do not always correlate with real-world exploitation likelihood: attackers tend to choose the vulnerability that offers the greatest yield for the least effort.
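The effort-to-yield argument above can be turned into a patch-prioritization check. The example below is added here and is not code from the Sysdig post or from the Langflow project: it ranks the two CVEs once by CVSS alone and once by attacker effort and asset context, and shows that the lower-scored RCE rises to the top. The scores are the ones in the text; the IDOR's "needs an account" and "not network-only" flags, the asset definitions and all weights are constructed assumptions for illustration, not a published formula.

```python
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Vuln:
    cve: str
    cvss: float
    unauthenticated: bool  # exploitable without any account on the target
    network_only: bool     # nothing beyond network reachability is required
    cross_tenant: bool     # impact is reading another tenant's data, not code execution


@dataclass(frozen=True)
class Asset:
    name: str
    internet_exposed: bool
    multi_tenant: bool


# Scores and the RCE's "network access only" prerequisite come from the post.
# The IDOR's prerequisites are assumptions about a typical cross-tenant IDOR.
LANGFLOW_RCE = Vuln("CVE-2026-33017", 9.3, unauthenticated=True, network_only=True, cross_tenant=False)
LANGFLOW_IDOR = Vuln("CVE-2026-55255", 9.9, unauthenticated=False, network_only=False, cross_tenant=True)


def rank_by_cvss(vulns: List[Vuln]) -> List[str]:
    """Naive patch order: highest CVSS base score first."""
    return [v.cve for v in sorted(vulns, key=lambda v: v.cvss, reverse=True)]


def contextual_priority(v: Vuln, asset: Asset) -> float:
    """Score a vulnerability the way an opportunistic attacker weighs it on a
    given asset: start from CVSS, then adjust for the effort needed and for
    what a success actually yields there. Weights are illustrative (assumed)."""
    score = v.cvss
    # Effort: an unauthenticated, network-only bug costs nothing but a scan.
    if v.unauthenticated and v.network_only:
        score += 2.0
    elif not v.unauthenticated:
        score -= 2.0  # attacker first needs a valid account or a foothold
    # Yield: exposure and tenancy decide what a successful exploit buys.
    if asset.internet_exposed and v.network_only:
        score += 1.0
    if v.cross_tenant:
        # On a single-tenant host there is no other tenant to reach.
        score += 1.0 if asset.multi_tenant else -3.0
    return round(score, 1)


def rank_in_context(vulns: List[Vuln], asset: Asset) -> List[str]:
    """Patch order for one asset: highest contextual priority first."""
    return [v.cve for v in sorted(vulns, key=lambda v: contextual_priority(v, asset), reverse=True)]


if __name__ == "__main__":
    vulns = [LANGFLOW_RCE, LANGFLOW_IDOR]
    # Constructed assets for the demonstration.
    exposed_host = Asset("self-hosted Langflow on a public IP", internet_exposed=True, multi_tenant=False)
    saas = Asset("multi-tenant Langflow deployment", internet_exposed=True, multi_tenant=True)
    print("CVSS-only order:       ", rank_by_cvss(vulns))
    print("exposed single-tenant: ", rank_in_context(vulns, exposed_host))
    print("multi-tenant:          ", rank_in_context(vulns, saas))
```

On the internet-exposed single-tenant host the RCE scores 12.3 against 4.9 for the IDOR, and even on the multi-tenant deployment (where the IDOR's impact is real) it still leads 12.3 to 8.9, which matches the exploitation pattern the post describes. The point of the model is not the specific weights but that a defender's queue should be driven by prerequisites and exposure, with the CVSS base score as only one input.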
| Trend | Post Mentions | Total Month Mentions | Posts | Companies | MoM |
|---|---|---|---|---|---|
| LLM | 5 | 5,172 | 1,006 | 220 | -43% |
| RAG | 2 | 885 | 228 | 95 | -58% |
| Secrets Management | 2 | 2,063 | 322 | 117 | -4% |
| AI Agents | 1 | 4,874 | 1,103 | 240 | -1% |