{"vulnerability": "cve-2026-55255", "sightings": [{"uuid": "f3f60263-bc1c-4174-9039-d15cdae5d8db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55255", "type": "published-proof-of-concept", "source": "https://github.com/langflow-ai/langflow/security/advisories/GHSA-qrpv-q767-xqq2", "content": "", "creation_timestamp": "2026-06-19T13:17:29.000000Z"}, {"uuid": "dd244996-b48b-477f-a9e9-2dff07210531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mook75kc3e2d", "content": "A critical Langflow bug (CVE-2026-55255, CVSS 9.9) lets any logged-in user run another user's AI workflow just by passing its flow ID. It's the latest in a 2026 run of broken-access-control flaws. Fixed in 1.9.1.\n\n#CVE #infosec #cybersecurity", "creation_timestamp": "2026-06-19T23:56:24.295410Z"}, {"uuid": "15927225-8e06-486b-bd4e-98d4d2a3adf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mp3fj5b7sq2n", "content": "\ud83d\udccc CVE-2026-55255 - Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference (IDOR) vulnerabilit... https://www.cyberhub.blog/cves/CVE-2026-55255", "creation_timestamp": "2026-06-25T02:37:07.000132Z"}, {"uuid": "0ec1ee58-4270-4665-97d7-21c8c712c1ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mpal42uroh2t", "content": "Sysdig TRT spotted first active exploitation of Langflow CVE-2026-55255, with flow ID enumeration and an IDOR attempt to steal API keys. The lower-scored RCE still drove most abuse. #Langflow #CVE202655255 #CVE202633017", "creation_timestamp": "2026-06-27T04:00:29.747900Z"}, {"uuid": "54bb6569-e8fb-4070-91e0-ea23bbbd4397", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ee805f28-6d4c-4559-b398-87ff0a133ef0", "content": "", "creation_timestamp": "2026-07-07T18:00:02.403515Z"}, {"uuid": "7af37e6b-b489-4e69-ac57-c3e2e0847cc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/csirts.bsky.social/post/3mq34zqafiw2q", "content": "\ud83d\udea8 Added to CISA KEV \u2014 actively exploited:\nCVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability\n\nhttps://www.csirts.com/cve/CVE-2026-55255", "creation_timestamp": "2026-07-07T17:30:31.697218Z"}, {"uuid": "8dbaf1a4-655c-4fc1-b5cd-ea18f5aa3674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq354ildoj2e", "content": "CVE-2026-55255 - langflow [known exploited]\nAn authenticated attacker can access and execute another user's Langflow flow by knowing the flow's ID. This is a security risk because it allows unauthorized access\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#langflow #pip #CVE #infosec", "creation_timestamp": "2026-07-07T17:32:04.458749Z"}, {"uuid": "3121d537-7c2c-4d11-b73e-a3d5490d1fd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116879890133195498", "content": "CISA has updated the KEV catalogue.\n-  CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56290\n-  CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-55255\n-  CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48908\nSeveral industrial vulnerabilities: https://www.cisa.gov/ #infosec #vulnerability #CISA", "creation_timestamp": "2026-07-07T17:33:09.864562Z"}, {"uuid": "6ab2dd9b-0a11-4502-8708-b354ce734ecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mq36dr4s372w", "content": "\ud83d\uded1 CVE-2026-55255\nLangflow Langflow\nCVSS 9.9 / EPSS 0% / KEV: No\nTL;DR: Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1\u2026\nhttps://cvesentinel.com/report/CVE-2026-55255?utm_source=bluesky&amp;utm_medium=social&amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-07T17:54:05.867722Z"}, {"uuid": "34b31660-0317-46ab-8741-9c746732b717", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/dd1e4271-1fb8-4dfa-af0f-1b755d41763d", "content": "", "creation_timestamp": "2026-07-07T18:00:24.498362Z"}, {"uuid": "02834475-3804-4dbf-a0b5-9704f9edfaca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6935163", "content": "2026-07-07: [CVE-2026-55255] Langflow Authorization Bypass Through User-Controlled Key VulnerabilityLangflow contains an authorization bypass through user-controlled key vulnerability which allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request.\ncisakev", "creation_timestamp": "2026-07-07T18:26:56.822679Z"}, {"uuid": "e560a8e7-39c4-45fc-95e4-095b940af14e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mq3cvgykta2p", "content": "\ud83d\uded1 CVE-2026-55255\nLangflow Langflow\nCVSS 9.9 / EPSS 0% / KEV \u2705\nTL;DR: Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9\u2026\nhttps://cvesentinel.com/report/CVE-2026-55255?utm_source=bluesky&amp;utm_medium=social&amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-07T19:15:30.649548Z"}, {"uuid": "48981de8-b761-4334-b603-667f26606c28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mq4cpumcxcfn", "content": "CVE-2026-48908 JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability\nCVE-2026-55255 Langflow Authorization Bypass Through User-Controlled Key Vulnerability  \nCVE-2026-56290 Joomlack Page Builder Improper Access Control Vulnerability", "creation_timestamp": "2026-07-08T04:45:04.182992Z"}, {"uuid": "9c07fb56-648e-469b-a130-f57baedfffe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mq4xzgqxiv27", "content": "CVE-2026-55255: CISA Orders Feds to Patch Langflow Auth Bypass Flaw #CVE202655255 #Langflow #CISA", "creation_timestamp": "2026-07-08T11:06:13.328318Z"}, {"uuid": "687827e4-c59c-47ee-9e75-63d8fec4c361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mq4xznnb5f22", "content": "CVE-2026-55255: Langflow Exposes Federal Agencies to Exploitation Risk #CVE2026 #Langflow #CyberSecurity", "creation_timestamp": "2026-07-08T11:06:20.969119Z"}, {"uuid": "94b53167-b12f-499f-a126-8a7cf26ae9ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mq4xzsmiz527", "content": "CVE-2026-55255: CISA's Patching Order Fails to Address Langflow Security Risks #CyberSecurity #CVE2026 #Langflow", "creation_timestamp": "2026-07-08T11:06:26.054361Z"}, {"uuid": "231937bd-7fb3-45fe-8f50-7bf31b425c36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mq4xzw6nb62h", "content": "CVE-2026-55255: CISA's Urgency on Langflow Patching Reveals Deeper Risks #CVE2026 #Langflow #CISA", "creation_timestamp": "2026-07-08T11:06:29.093043Z"}, {"uuid": "6c399528-fa0c-4005-8d8e-42db869cd482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mq4xzzolev22", "content": "CVE-2026-55255: CISA's Urgent Call to Patch Langflow Only Fuels Speculation #CVE2026 #CISA #Langflow", "creation_timestamp": "2026-07-08T11:06:32.714444Z"}, {"uuid": "777731f1-7ffd-4d40-b343-3b20d670e721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mq4y25e72n27", "content": "CVE-2026-55255: Is CISA's Urgency Justified for Langflow Vulnerability? #CVE2026 #Langflow #CISA", "creation_timestamp": "2026-07-08T11:06:36.565752Z"}, {"uuid": "815189cf-fb3d-473d-8f09-3aec3c9d67af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116884244173717703", "content": "CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), &amp; Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution &amp; backdoors. Patch ASAP! https://radar.offseq.com/threat/cisa-urges-immediate-patching-of-exploited-coldfus-c7b23bd787139571 #OffSeq #CyberSec #CVE", "creation_timestamp": "2026-07-08T12:00:27.446207Z"}, {"uuid": "7598de4a-5781-4894-9465-baa5f746ce52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://www.acn.gov.it/portale/w/langflow-rilevato-lo-sfruttamento-in-rete-della-cve-2026-55255", "content": "", "creation_timestamp": "2026-07-08T12:15:03.901629Z"}, {"uuid": "33322327-5c60-4865-8ff9-978a3cf352fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mq56umvm722m", "content": "Cisco Talos UAT-7810 / LONGLEASH / ORB infrastructure:\nblog.talosintelligence.com/uat-7810/\n\nSysdig Langflow CVE-2026-55255 telemetry:\nwww.sysdig.com/blog/underst...", "creation_timestamp": "2026-07-08T13:08:49.077016Z"}, {"uuid": "0a642b98-4fcb-4734-8926-316267b2695d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mq56umvtz22m", "content": "Cisco Talos UAT-7810 / LONGLEASH / ORB infrastructure:\nblog.talosintelligence.com/uat-7810/\n\nSysdig Langflow CVE-2026-55255 telemetry:\nwww.sysdig.com/blog/underst...", "creation_timestamp": "2026-07-08T13:08:49.509777Z"}, {"uuid": "fb831a00-a3d7-4d20-bcdf-8774670f5f8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mq56umvtz32m", "content": "Cisco Talos UAT-7810 / LONGLEASH / ORB infrastructure:\nblog.talosintelligence.com/uat-7810/\n\nSysdig Langflow CVE-2026-55255 telemetry:\nwww.sysdig.com/blog/underst...", "creation_timestamp": "2026-07-08T13:08:49.908944Z"}, {"uuid": "74f942f1-39b7-4c4a-ab26-a4cd2524bc8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mq56umvuyd2m", "content": "Cisco Talos UAT-7810 / LONGLEASH / ORB infrastructure:\nblog.talosintelligence.com/uat-7810/\n\nSysdig Langflow CVE-2026-55255 telemetry:\nwww.sysdig.com/blog/underst...", "creation_timestamp": "2026-07-08T13:08:50.326764Z"}, {"uuid": "085933d6-d8fa-4f2c-9acc-d3dc1af6f2f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mq57afvxdf26", "content": "CISA ordered U.S. agencies to patch Langflow CVE-2026-55255 by Friday after active exploitation of an IDOR flaw that can expose other users' flows, steal data, and consume resources. #Langflow #CISA #USA", "creation_timestamp": "2026-07-08T13:15:22.872335Z"}, {"uuid": "f4c0a55b-6286-40bd-ba0c-d15e9a6d25c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/hackerdogs.bsky.social/post/3mq5ccm34kh2r", "content": "Attackers are exploiting a critical Langflow vulnerability for credential theft, with CISA listing it in their KEV catalog.\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/", "creation_timestamp": "2026-07-08T14:10:17.768353Z"}, {"uuid": "447fbd2d-77b7-4b23-b7bd-38e3797c2eb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mq5cge55ds2m", "content": "Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/07/08/l...\n\n#AI #enterprise #exploit #vulnerability #cybersecurity #cybersecuritynews @langflow.org @sysdig.com @sentinelone.com #CISA", "creation_timestamp": "2026-07-08T14:12:27.338561Z"}, {"uuid": "97223600-6360-4f1c-8c93-950d567f9d71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mq5cmemj2q2r", "content": "\u653b\u6483\u8005\u304cLangflow\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u8a8d\u8a3c\u60c5\u5831\u3092\u7a83\u53d6(CVE-2026-55255)\n\n\u7c73\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81(CISA)\u306f\u3001\u653b\u6483\u8005\u306b\u3088\u308b\u5b9f\u969b\u306e\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u308b\u3001Langflow\u306e\u65b0\u305f\u306a\u8106\u5f31\u6027(CVE-2026-55255)\u306b\u3064\u3044\u3066\u8b66\u544a\u3092\u767a\u3057\u3066\u3044\u307e\u3059\u3002 \u3053\u306e\u8106\u5f31\u6027\u306f\u3001Sysdig\u8105\u5a01\u30ea\u30b5\u30fc\u30c1\u30c1\u30fc\u30e0\u304c\u7a4d\u6975\u7684\u306a\u6a19\u7684\u5316\u3092\u89b3\u6e2c\u3057\u3066\u304b\u30892\u9031\u9593\u8fd1\u304f\u7d4c\u3063\u305f7\u67087\u65e5\u706b\u66dc\u65e5\u306b\u3001", "creation_timestamp": "2026-07-08T14:15:47.057388Z"}, {"uuid": "3a200a25-5e33-45f0-b4f0-b3d1cc33c46b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mq5dhe3iec2f", "content": "5/ Patch alert: CISA added a Langflow AI-agent flaw (CVE-2026-55255) to its exploited vulnerabilities list. Federal deadline is July 10. Ubiquiti also patched 7 critical UniFi OS bugs. Update your gear. (via BleepingComputer)", "creation_timestamp": "2026-07-08T14:30:51.733264Z"}, {"uuid": "c1b0eaf3-7208-4968-afd7-0cfdd7714836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mq5dhe3p722f", "content": "5/ Patch alert: CISA added a Langflow AI-agent flaw (CVE-2026-55255) to its exploited vulnerabilities list. Federal deadline is July 10. Ubiquiti also patched 7 critical UniFi OS bugs. Update your gear. (via BleepingComputer)", "creation_timestamp": "2026-07-08T14:30:52.511376Z"}, {"uuid": "58105e79-209f-4a8a-92ea-8939c0f08f5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mq5dhe3r5k2f", "content": "5/ Patch alert: CISA added a Langflow AI-agent flaw (CVE-2026-55255) to its exploited vulnerabilities list. Federal deadline is July 10. Ubiquiti also patched 7 critical UniFi OS bugs. Update your gear. (via BleepingComputer)", "creation_timestamp": "2026-07-08T14:30:52.930530Z"}, {"uuid": "9d6b480d-9a7c-4637-9664-53eaf279b699", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mq5dhe3r5l2f", "content": "5/ Patch alert: CISA added a Langflow AI-agent flaw (CVE-2026-55255) to its exploited vulnerabilities list. Federal deadline is July 10. Ubiquiti also patched 7 critical UniFi OS bugs. Update your gear. (via BleepingComputer)", "creation_timestamp": "2026-07-08T14:30:53.347290Z"}, {"uuid": "783d5808-2299-447e-a5de-5b8aeb3941a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mq5dhe3s4t2f", "content": "5/ Patch alert: CISA added a Langflow AI-agent flaw (CVE-2026-55255) to its exploited vulnerabilities list. Federal deadline is July 10. Ubiquiti also patched 7 critical UniFi OS bugs. Update your gear. (via BleepingComputer)", "creation_timestamp": "2026-07-08T14:30:53.743020Z"}, {"uuid": "aba20c40-f58c-4cb1-865e-30d0076e9faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mq5dhe3t432f", "content": "5/ Patch alert: CISA added a Langflow AI-agent flaw (CVE-2026-55255) to its exploited vulnerabilities list. Federal deadline is July 10. Ubiquiti also patched 7 critical UniFi OS bugs. Update your gear. (via BleepingComputer)", "creation_timestamp": "2026-07-08T14:30:54.143748Z"}, {"uuid": "ab208c01-f0ec-4d8e-8438-31162f791ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mq5dhe3t442f", "content": "5/ Patch alert: CISA added a Langflow AI-agent flaw (CVE-2026-55255) to its exploited vulnerabilities list. Federal deadline is July 10. Ubiquiti also patched 7 critical UniFi OS bugs. Update your gear. (via BleepingComputer)", "creation_timestamp": "2026-07-08T14:30:54.540960Z"}, {"uuid": "9b38ed8c-2027-44ef-99ae-4ea8506aef27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mq5dhe3t452f", "content": "5/ Patch alert: CISA added a Langflow AI-agent flaw (CVE-2026-55255) to its exploited vulnerabilities list. Federal deadline is July 10. Ubiquiti also patched 7 critical UniFi OS bugs. Update your gear. (via BleepingComputer)", "creation_timestamp": "2026-07-08T14:30:54.958820Z"}, {"uuid": "db916ca2-180f-424a-8c4d-9827cf259969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mq5dmfho3f2d", "content": "\ud83e\udd16 CVE-2026-55255 (CVSS 8.4): Langflow auth bypass (IDOR) added to CISA KEV. Actively exploited \u2014 attacker can execute arbitrary user flows via crafted flow ID. CISA orders patching by\u2026", "creation_timestamp": "2026-07-08T14:33:43.806485Z"}, {"uuid": "afd6d982-770f-43fc-86af-93bf7dfbc988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mq5fma7sfv26", "content": "CISA Orders 3-Day Patch for CVE-2026-55255 in Langflow", "creation_timestamp": "2026-07-08T15:09:22.520494Z"}, {"uuid": "d0cb991f-6e5e-42ba-904d-cb90a27de2e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq5fmorya32u", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-08T15:09:37.025968Z"}, {"uuid": "b291b89f-2ef5-412e-90af-94c2c4f30a5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq5izsmnre26", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-08T16:10:38.501610Z"}, {"uuid": "9ae47c34-0abe-44d5-9798-da0f7cca8f8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/cyfar.ca/post/3mq5j2ebz2e26", "content": "~Cybergcca~\n4 advisories: Langflow CVE-2026-55255 (KEV-listed IDOR), plus critical Ubiquiti, n8n, and Tanium vulnerabilities requiring patching.\n-\nIOCs: CVE-2026-55255\n-\n#CVE202655255 #ThreatIntel #VulnManagement", "creation_timestamp": "2026-07-08T16:10:57.125709Z"}, {"uuid": "0f0aa325-58db-483f-b3bb-c41076b06f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/langflow-security-advisory-av26-670", "content": "", "creation_timestamp": "2026-07-08T16:15:04.346439Z"}, {"uuid": "3e973a1e-6b63-470d-adc4-1d16391d5341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq5mir7vcv2x", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-08T17:12:41.630697Z"}, {"uuid": "e3f0fcfb-c851-4649-a6bd-082eb42c10bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mq5pceck7k2f", "content": "Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nwww.helpnetsecurity.com/2026/07/08/l...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-07-08T18:02:50.619576Z"}, {"uuid": "a862258d-1ae8-4691-8934-f3bef07b0e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq5pty42wk26", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-08T18:12:39.229927Z"}, {"uuid": "ebe2e20e-7daa-45a7-9d55-8ab91de3c977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq5t4rrdbn26", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-08T19:11:29.016814Z"}, {"uuid": "0e61ed6a-aaf8-49a8-b075-0c1d2bd668f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq5wljhudm2x", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-08T20:13:11.652413Z"}, {"uuid": "c6c26bae-c5d6-4f95-b02a-5d536b575e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq5zyxocaj22", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-08T21:14:23.872148Z"}, {"uuid": "26ee6b39-ac8e-4f39-860c-961c879fd88c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq656zxi3r2n", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-08T22:11:29.007773Z"}, {"uuid": "bf6f12fc-e49f-4eec-bac3-257620f45807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq6an32dsb2x", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-08T23:13:00.940540Z"}, {"uuid": "3697bff9-8e92-4454-881a-9ee2bda9d563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq6dvkx36i2p", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-09T00:11:27.433877Z"}, {"uuid": "39906dca-38cd-4416-a0a2-d5622fc849e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://www.acn.gov.it/portale/w/langflow-rilevato-lo-sfruttamento-in-rete-della-cve-2026-55255", "content": "Rilevato lo sfruttamento attivo in rete della vulnerabilit\u00e0 CVE-2026-55255 - gi\u00e0 sanata dal vendor e per la quale risulta disponibile in rete anche un Proof of Concept (PoC) - presente in Langflow, nota piattaforma open-source per lo sviluppo di agent e chatbot basati su intelligenza artificiale. Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente autenticato malintenzionato di accedere ed utilizzare workflow di altri utenti sulla piattaforma.", "creation_timestamp": "2026-07-09T01:00:52.133765Z"}, {"uuid": "0b7cf7ce-6873-4945-a958-1f7c35da6e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mq6gpqzp7k2r", "content": "Langflow\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u305f\u8a8d\u8a3c\u60c5\u5831\u7a83\u76d7\u653b\u6483\uff08CVE-2026-55255\uff09 \n\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)  #HelpNetSecurity (Jul 8)\n\nwww.helpnetsecurity.com/2026/07/08/l...", "creation_timestamp": "2026-07-09T01:01:53.965803Z"}, {"uuid": "fbbb02ac-6a46-4a45-9c0b-11dbcdddf588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mq6h2q45x62j", "content": "\ud83d\udea8 CISA KEV [CVSS 8.4 \u00b7 HIGH]\nAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nhttps://www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/\n\n#AISecurity #AI #CISA", "creation_timestamp": "2026-07-09T01:08:01.640376Z"}, {"uuid": "694bb8cc-9222-4258-8797-abc4a121187a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55255", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mq6o6yzw362s", "content": "\ud83d\udcf0 CISA Minta Instansi Pemerintah AS Prioritaskan Patch Celah Auth Bypass Langflow yang Sedang Dieksploitasi\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/07/09/cisa-prioritaskan-patch-cve-2026-55255-langflow/\n\n#ai #aiSecurity #artificialIntelligence #authenticationBypass #cisa #c", "creation_timestamp": "2026-07-09T03:15:41.893772Z"}, {"uuid": "3112d7cf-03cd-40de-ab10-94b8c7685ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mq7wm4ctrc2a", "content": "Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)\n\nThe US Cybersecurity and Infrastructure Security Agency (CISA) is warning about yet another Langflow vulnerability (CVE-2026-55255) leveraged by attackers in the wild. The flaw was added to the agency\u2019s Know\u2026\n#hackernews #news", "creation_timestamp": "2026-07-09T15:18:51.398693Z"}, {"uuid": "04eb6b49-843f-45b1-b08b-e961b71cb1a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/sen-perimetered.bsky.social/post/3mqc4e6bxhp22", "content": "CVE-2026-55255. Langflow. KEV-listed July 7 \u2014 first AI agent platform in the catalog.\n\nIDOR in the flow-execution endpoint: any authenticated user can run another tenant's flow. Attacker's injected prompt: \"leak api keys.\" LLM keys and AWS creds embedded in flows are the target.\n\nPatch: 1.9.2. Rota\u2026", "creation_timestamp": "2026-07-10T12:07:06.388154Z"}, {"uuid": "345de53b-d608-4b57-b3ff-6a970017092f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mqdamxizm326", "content": "Alert: Langflow CVE-2026-55255 allows authenticated attackers to execute arbitrary flows by manipulating flow IDs. Secure your tenant isolation now with our latest forensic deep-dive, featuring detection queries and hardening protocols. https://thecybermind.co/4912\n\n#CyberSecurity #Langflow", "creation_timestamp": "2026-07-10T22:56:16.391455Z"}, {"uuid": "c645ff6f-f834-4eee-9fe8-86d327b79d47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mqe5shnkya2u", "content": "Executive Alert: Langflow CVE-2026-55255 allows unauthorized flow execution, compromising tenant isolation. Our latest CSUITE Brief details the strategic remediation and hardening protocols required to secure your enterprise environment. Protect your perimeter today.\u2026", "creation_timestamp": "2026-07-11T07:38:19.722159Z"}, {"uuid": "8edd9b97-2358-493e-9275-c65360338377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mqjjz2mimj2c", "content": "CISA just KEV-listed an AI agent platform for the first time. CVE-2026-55255: attackers steal other tenants' API keys and cloud creds from Langflow via one crafted request. CVSS 6.1 on paper, 9.9 in practice. Patch to 1.9.2 now.\n\nzurl.co/pJ7er \nzurl.co/ihjcE \n\n #AISecurity #CISA #CVE", "creation_timestamp": "2026-07-13T11:00:04.570138Z"}, {"uuid": "2b1fee98-8046-4b75-9291-4ab93cb28415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mqjngi26od2u", "content": "\ud83d\udd0d Top signals this week:\n\nCVEs: CVE-2026-48282, CVE-2026-50656, CVE-2026-55255, CVE-2026-20896, CVE-2026-53359\nActors: Ransomware, Apt, Play\n\nFull intel: https://matlock.ca/cybersecnews", "creation_timestamp": "2026-07-13T12:01:15.526110Z"}, {"uuid": "ac1667b5-2787-4952-9f35-311ead2c88a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/billingsley.bsky.social/post/3mqlrbrod6a2b", "content": "COGNOSCERE Tech Brief \u2014 2026-07-14\n\nCISA added CVE-2026-55255, an access-control flaw in the Langflow AI agent frame\n\nhttps://youtube.com/watch?v=fcw6VIlLFCE\n\nhttps://www.cognoscerellc.com/news", "creation_timestamp": "2026-07-14T08:15:39.848721Z"}, {"uuid": "a9cef5ad-0fb6-453a-84fc-68dfa787b4d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://bsky.app/profile/billingsley.bsky.social/post/3mqm2iomfo32y", "content": "COGNOSCERE Tech Brief \u2014 2026-07-14\n\nCISA added CVE-2026-55255, an access-control flaw in the Langflow AI agent frame\n\nhttps://youtube.com/watch?v=_4LaJb-3eQ8\n\nhttps://www.cognoscerellc.com/news", "creation_timestamp": "2026-07-14T11:00:28.655752Z"}, {"uuid": "f6ff533f-c0d7-44d4-b72d-b7a311afcd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "seen", "source": "https://t.me/bhhub/1203", "content": "Weekly 8 AI &amp; Cyber signals to act on (Jul 11\u201313, 2026)\n\n#AISecurity@bhhub\n\n\u2728 GitLost turns a public GitHub issue into private-repo exfiltration\nNoma reproduced an unauthenticated prompt injection against a GitHub Agentic Workflow with cross-repository read access: the agent fetched a private README and posted it into a public issue. The PoC is configuration-dependent, but the control is clear\u2014untrusted issue text, broad agent permissions, and public write-back must not share one trust boundary.\n\n\u2728 Invisible Unicode defeats MCP\u2019s one-time approval view\nA real-protocol study tested eight metadata payloads across three MCP server libraries. All eight reached model context, none triggered re-approval, and Unicode TAG characters alone stayed invisible to the reviewer; all 32 cross-library cells agreed. The authors released a harness and fail-closed verifier, though independent replication is pending.\n\n\u2728 Update: Langflow cross-tenant flow execution is now in CISA KEV\nCISA added CVE-2026-55255 to KEV on July 7 after evidence of active exploitation. The authenticated IDOR lets an attacker execute another user\u2019s flow by supplying its ID; GitHub scores it 9.9 and Langflow fixed it in 1.9.1. This is a new exploitation-status event, not a replay of the June disclosure.\n\n#AppSec@bhhub\n\n\u2728 GhostLock turns a 15-year Linux stack UAF into root\nNebula Security published a kernelCTF exploit for CVE-2026-43499: regular futex PI syscalls create a dangling stack pointer, then a control-flow pivot yields privilege escalation or container escape. The researchers report 97% reliability and a $92,337 reward; unpatched kernels carrying the affected path need the upstream fix.\n\n\u2728 Browser wallets leak links between addresses, sites, and identities\nA PoPETs-accepted measurement of 85 Chrome wallets representing 35.16 million users formalizes five privacy threats. Routine RPC calls linked addresses, most Ethereum wallets kept exposing revoked addresses, and provider injection into cross-origin iframes enabled passive cross-site tracking\u2014evidence that wallet privacy needs protocol-level, not merely UI-level, controls.\n\n\u2728 SolSmith found 25 Solidity compiler miscompilations\nThree years of semantics-aware differential fuzzing uncovered 25 previously missed compiler bugs, some latent for years, then classified their root causes and user impact. Because immutable smart-contract behavior depends on compiler correctness, the result argues for continuously testing optimization passes with valid, adversarially generated programs; the paper does not quantify deployed-contract exposure.\n\n#RedTeam@bhhub\n\n\u2728 Bit2Watt weaponizes legal GPU workloads against power infrastructure\nThe CHES 2026 paper validates workload-driven power modulation with analysis, simulations, GPUs, and a grid-connected PV inverter. In its synchronized worst-case model, 1,000 GPUs on a 1-MW, 90%-DER system drove current THD to 46.8% and damping to \u22120.27; those grid-scale effects are simulated, but expose a cross-layer tenant threat normal telemetry may miss.\n\n#BlueTeam@bhhub\n\n\u2728 Internet-wide scans expose healthcare\u2019s plaintext attack surface\nThe Euro S&amp;P study scanned DICOM, HL7, and FHIR across IPv4 and IPv6 and ran a nine-month honeypot. It found 2,841 services with authentication flaws, 94.4% of exposed endpoints without transport encryption, and 1,373 systems with known vulnerabilities up to CVSS 9.8, followed by coordinated disclosure\u2014clear priorities for segmentation, TLS, inventory, and remediation.", "creation_timestamp": "2026-07-14T12:00:05.175166Z"}, {"uuid": "921282e6-512d-479f-b9cb-bbd9bdb955b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55255", "type": "published-proof-of-concept", "source": "https://t.me/bhhub/1203", "content": "Weekly 8 AI &amp; Cyber signals to act on (Jul 11\u201313, 2026)\n\n#AISecurity@bhhub\n\n\u2728 GitLost turns a public GitHub issue into private-repo exfiltration\nNoma reproduced an unauthenticated prompt injection against a GitHub Agentic Workflow with cross-repository read access: the agent fetched a private README and posted it into a public issue. The PoC is configuration-dependent, but the control is clear\u2014untrusted issue text, broad agent permissions, and public write-back must not share one trust boundary.\n\n\u2728 Invisible Unicode defeats MCP\u2019s one-time approval view\nA real-protocol study tested eight metadata payloads across three MCP server libraries. All eight reached model context, none triggered re-approval, and Unicode TAG characters alone stayed invisible to the reviewer; all 32 cross-library cells agreed. The authors released a harness and fail-closed verifier, though independent replication is pending.\n\n\u2728 Update: Langflow cross-tenant flow execution is now in CISA KEV\nCISA added CVE-2026-55255 to KEV on July 7 after evidence of active exploitation. The authenticated IDOR lets an attacker execute another user\u2019s flow by supplying its ID; GitHub scores it 9.9 and Langflow fixed it in 1.9.1. This is a new exploitation-status event, not a replay of the June disclosure.\n\n#AppSec@bhhub\n\n\u2728 GhostLock turns a 15-year Linux stack UAF into root\nNebula Security published a kernelCTF exploit for CVE-2026-43499: regular futex PI syscalls create a dangling stack pointer, then a control-flow pivot yields privilege escalation or container escape. The researchers report 97% reliability and a $92,337 reward; unpatched kernels carrying the affected path need the upstream fix.\n\n\u2728 Browser wallets leak links between addresses, sites, and identities\nA PoPETs-accepted measurement of 85 Chrome wallets representing 35.16 million users formalizes five privacy threats. Routine RPC calls linked addresses, most Ethereum wallets kept exposing revoked addresses, and provider injection into cross-origin iframes enabled passive cross-site tracking\u2014evidence that wallet privacy needs protocol-level, not merely UI-level, controls.\n\n\u2728 SolSmith found 25 Solidity compiler miscompilations\nThree years of semantics-aware differential fuzzing uncovered 25 previously missed compiler bugs, some latent for years, then classified their root causes and user impact. Because immutable smart-contract behavior depends on compiler correctness, the result argues for continuously testing optimization passes with valid, adversarially generated programs; the paper does not quantify deployed-contract exposure.\n\n#RedTeam@bhhub\n\n\u2728 Bit2Watt weaponizes legal GPU workloads against power infrastructure\nThe CHES 2026 paper validates workload-driven power modulation with analysis, simulations, GPUs, and a grid-connected PV inverter. In its synchronized worst-case model, 1,000 GPUs on a 1-MW, 90%-DER system drove current THD to 46.8% and damping to \u22120.27; those grid-scale effects are simulated, but expose a cross-layer tenant threat normal telemetry may miss.\n\n#BlueTeam@bhhub\n\n\u2728 Internet-wide scans expose healthcare\u2019s plaintext attack surface\nThe Euro S&amp;P study scanned DICOM, HL7, and FHIR across IPv4 and IPv6 and ran a nine-month honeypot. It found 2,841 services with authentication flaws, 94.4% of exposed endpoints without transport encryption, and 1,373 systems with known vulnerabilities up to CVSS 9.8, followed by coordinated disclosure\u2014clear priorities for segmentation, TLS, inventory, and remediation.", "creation_timestamp": "2026-07-15T00:00:25.126601Z"}]}