Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints
Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints
30 June 2026
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner.
The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerability in Langflow, indicating threat actors are scanning and targeting exposed artificial intelligence (AI)