Langflow CVE-2025-34291 (CVSS 9.4) Added to CISA KEV Under Active Exploitation

CISA added CVE-2025-34291 (CVSS 9.4) in Langflow to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. The flaw is an origin validation error that can allow unauthorized access to the platform. Langflow is a widely used low-code platform for building LLM-powered workflows and AI pipelines, making this especially relevant to organizations deploying AI infrastructure. Patch immediately if you run Langflow in any production or internet-accessible environment.