{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5025", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "state": "PUBLISHED", "assignerShortName": "tenable", "dateReserved": "2026-03-27T14:36:29.989Z", "datePublished": "2026-03-27T14:43:00.533Z", "dateUpdated": "2026-03-27T15:38:54.925Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2026-03-27T14:43:00.533Z"}, "title": "Langflow - Application Logs Exposed to All Authenticated Users", "datePublic": "2026-03-27T16:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "type": "CWE"}]}], "affected": [{"vendor": "langflow-ai", "product": "langflow", "repo": "https://github.com/langflow-ai/langflow", "versions": [{"status": "affected", "version": "0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The '/logs' and '/logs-stream' endpoints in the log router allow any authenticated user to read the full application log buffer. These endpoints only require basic authentication ('get_current_active_user') without any privilege checks (e.g., 'is_superuser').", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>The '/logs' and '/logs-stream' endpoints in the log router allow any authenticated user to read the full application log buffer. These endpoints only require basic authentication ('get_current_active_user') without any privilege checks (e.g., 'is_superuser').</p>"}]}], "references": [{"url": "https://www.tenable.com/security/research/tra-2026-23"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T15:37:09.166459Z", "id": "CVE-2026-5025", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T15:38:54.925Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5025", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-27T15:37:09.166459Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T15:38:49.156Z"}}], "cna": {"title": "Langflow - Application Logs Exposed to All Authenticated Users", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/langflow-ai/langflow", "vendor": "langflow-ai", "product": "langflow", "versions": [{"status": "affected", "version": "0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "datePublic": "2026-03-27T16:00:00.000Z", "references": [{"url": "https://www.tenable.com/security/research/tra-2026-23"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "The '/logs' and '/logs-stream' endpoints in the log router allow any authenticated user to read the full application log buffer. These endpoints only require basic authentication ('get_current_active_user') without any privilege checks (e.g., 'is_superuser').", "supportingMedia": [{"type": "text/html", "value": "<p>The '/logs' and '/logs-stream' endpoints in the log router allow any authenticated user to read the full application log buffer. These endpoints only require basic authentication ('get_current_active_user') without any privilege checks (e.g., 'is_superuser').</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2026-03-27T14:43:00.533Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5025", "state": "PUBLISHED", "dateUpdated": "2026-03-27T15:38:54.925Z", "dateReserved": "2026-03-27T14:36:29.989Z", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "datePublished": "2026-03-27T14:43:00.533Z", "assignerShortName": "tenable"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The '/logs' and '/logs-stream' endpoints in the log router allow any authenticated user to read the full application log buffer. These endpoints only require basic authentication ('get_current_active_user') without any privilege checks (e.g., 'is_superuser')."}], "id": "CVE-2026-5025", "lastModified": "2026-03-30T13:26:29.793", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "vulnreport@tenable.com", "type": "Secondary"}]}, "published": "2026-03-27T15:17:04.447", "references": [{"source": "vulnreport@tenable.com", "url": "https://www.tenable.com/security/research/tra-2026-23"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "vulnreport@tenable.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "0"}}], "enrichment": {"confidence": 92.0, "confidence_source": "matching", "scores": [{"score": 92.0, "source": "matching"}]}, "original": {"product": "langflow", "source": "cna", "vendor": "langflow-ai"}, "product": "langflow", "vendor": "langflow"}], "analysis": {"en": {"generated_at": "2026-03-27T16:21:47.924057+00:00", "value": {"mitigation_remediation": ["Apply the latest Langflow release that includes authorization checks for the /logs endpoints.", "If an update is unavailable, restrict access to the log endpoints by removing them or adding role\u2011based restrictions in the router configuration.", "Verify that only privileged or super\u2011user accounts can access logging routes.", "Disable or hide the /logs and /logs-stream routes in production environments where log visibility is not required.", "Monitor authentication logs for any unexpected usage of the log endpoints."], "summary": {"action": "Patch Immediately", "impact": "Unrestricted Access to Application Logs"}, "threat_synthesis": {"affected_systems": "The affected product is the Langflow\u2011AI Langflow application. No specific version information is provided in the advisory, so all installations that use the vulnerable log\u2011router endpoints are presumed to be impacted. Administrators should verify whether the log endpoints are enabled in their deployment and consider which user accounts have access.", "description_and_impact": "The vulnerability originates in the /logs and /logs-stream endpoints of Langflow\u2019s log router. The endpoints perform basic authentication with the current user but do not enforce any privileged checks, meaning that any authenticated user can invoke them. As a result, a user can download the entire application log buffer, potentially exposing sensitive data such as stack traces, configuration strings, or authentication tokens. This exposure directly violates confidentiality and is identified as a Missing Authorization weakness (CWE\u2011862).", "risk_and_exploitability": "The CVSS score of 6.5 indicates a moderate severity. With no EPSS score provided and the issue absent from the CISA KEV catalog, the likelihood of widespread exploitation is uncertain; however, the attack condition only requires valid credentials. An attacker who obtains or compromises any user account can read all logs, making the vulnerability straightforward to exploit for anyone who can authenticate."}}}}, "created": "2026-03-27T20:28:25.326251+00:00", "updated": "2026-03-30T07:59:38.366008+00:00", "vendors": ["langflow", "langflow$PRODUCT$langflow"]}