CVE-2025-3248 — Langflow Langflow — Langflow Missing Authentication Vulnerability

Langflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests.