CVE-2026-5026 | langflow-ai langflow SVG File /api/v1/files/images/ flow_id cross site scripting
A vulnerability classified as problematic has been found in langflow-ai langflow. Affected by this vulnerability is an unknown functionality of the file /api/v1/files/images/ of the component SVG File Handler. This manipulation of the argument flow_id causes cross site scripting.
This vulnerability is tracked as CVE-2026-5026. The attack is possible to be carried out remotely. No exploit exists.