The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively exploited vulnerability in the Langflow visual framework for building AI agents.

Langflow is an attractive target for hackers since it's a popular tool in the AI development ecosystem, offering a drag-and-drop interface to connect nodes into executable pipelines and a REST API to run them programmatically.

Tracked as CVE-2026-55255, this Insecure Direct Object Reference (IDOR) security flaw allows authenticated threat actors to access other users' flows by sending a maliciously crafted request to the /api/v1/responses endpoint with the victim's UUID (flow_id).

Successful exploitation also enables attackers to access sensitive data processed by the victim's flows and consume their resources.

Sysdig's Threat Research Team (TRT) first observed CVE-2026-55255 in-the-wild exploitation on June 25, saying that the objective was "code execution and second-stage implant delivery (loader/dropper class."