Skip to content

H3-2026-0055

Hardcoded Langflow Default Superuser Vulnerability

Category VULNERABILITY
Base Score 9.8

Description

Langflow 1.10.1 and earlier creates a default superuser account with hardcoded credentials (langflow/langflow) under the shipped AUTO_LOGIN=True default. The teardown that should remove the account when an operator later disables AUTO_LOGIN is defeated once the account has a last_login_at stamp, which /auto_login sets during normal use. As a result, instances hardened by disabling AUTO_LOGIN still accept the vendor default credentials for a superuser account.

Impact

An unauthenticated attacker can authenticate as the built-in Langflow superuser via the vendor default credentials, enumerate every user account, read and modify all flows and API keys, and execute code on the server through flow components.

References