Path traversal flaw in AI dev platform Langflow exploited in attacks
www.bleepingcomputer.com
Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers.
