CVE-2026-55423: Langflow: Logout button does not clear session

June 19, 2026

The logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in.

References

github.com/advisories/GHSA-7hw8-6q6r-4276
github.com/langflow-ai/langflow/pull/10527
github.com/langflow-ai/langflow/pull/10528
github.com/langflow-ai/langflow/security/advisories/GHSA-7hw8-6q6r-4276
nvd.nist.gov/vuln/detail/CVE-2026-55423

Code Behaviors & Features

Detect and mitigate CVE-2026-55423 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →