CVE-2026-33017: How attackers compromised Langflow AI pipelines in 20 hours
Essential information
- Published: 20/03/2026 09:51
- Modified: 20/03/2026 21:18
- Tags: 2026-03-20 CVE-2026-33017 ai data exfiltration exploitation honeypot langflow rce vulnerability
- Related entities: 2 vulnerabilities (cve), 1 observables, 9 techniques (mitre), 4 others
Description
A critical vulnerability in Langflow, an open-source visual framework for AI agents and RAG pipelines, was disclosed on March 17, 2026. The vulnerability, CVE-2026-33017, allows unauthenticated remote code execution on exposed Langflow instances. Within 20 hours, exploitation attempts were observed in the wild. Attackers rapidly developed working exploits from the advisory description and began scanning for vulnerable instances. The Sysdig Threat Research Team deployed honeypots to monitor the attacks, observing automated scanning, custom exploit scripts, and data harvesting activity. The rapid exploitation highlights the accelerating trend toward shorter time-to-exploit for disclosed vulnerabilities, which poses significant challenges for defenders. The attackers targeted high-value data and API keys, with the potential for software supply chain compromise.