This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
hrbrmstr πΊπ¦ π¬π± π¨π¦ π³οΈβπ
hrbrmstr.dev
did:plc:hgyzg2hn6zxpqokmp5c2xrdo
π¨We're seeing a new 100+ IP "botnet" from Amazon CIDRs in South Korea triggering our Langflow Code Injection CVE-2025-3248 RCE tag.
https://viz.greynoise.io/tags/langflow-code-injection-cve-2025-3248-rce-attempt?days=30
Horizon3 (as usual) has a great write-up of the CVE: https://horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/
You've had plenty of time to fix this. Sure hope y'all did.
2025-05-13T11:16:05.749Z