Hackers Leverage Critical Langflow Flaw to Deploy Flodrix Botnet and Seize System Control

A sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications, to deploy the destructive Flodrix botnet.

Identified as CVE-2025-3248 and carrying a near-perfect CVSS score of 9.8, this unauthenticated remote code execution (RCE) flaw impacts Langflow versions prior to 1.3.0.

Unveiling a Severe RCE Vulnerability in Langflow

The vulnerability lies in the /api/v1/validate/code endpoint, which lacks proper input validation and sandboxing, enabling attackers to execute arbitrary Python code with minimal effort through a crafted POST request.

According to the Report, this ease of exploitation has led to rapid weaponization, with over 1,600 internet-exposed Langflow instances at risk globally, as reported by cybersecurity experts at Trend Micro.

The flaw’s severity and Langflow’s popularity evidenced by over 70,000 GitHub stars make it a prime target for malicious actors seeking to compromise systems ...