CVE-2026-55255 Google Chronicle · YARA-L

Detect Langflow IDOR: Unauthorized Access to Another User's Flow via /api/v1/responses in Google Chronicle

CVE-2026-55255 is a critical IDOR (Insecure Direct Object Reference) vulnerability in Langflow versions prior to 1.9.1. An authenticated attacker can enumerate and access another user's flow data by manipulating object identifiers in requests to the /api/v1/responses endpoint. With a CVSS score of 9.9, this vulnerability allows horizontal privilege escalation between users, potentially exposing sensitive AI flow configurations, credentials embedded in flows, and proprietary automation logic.

MITRE ATT&CK

Tactic
Credential Access Collection

YARA-L Detection Query

Google Chronicle (YARA-L)
yaral 
rule langflow_idor_responses_enumeration {
  meta:
    author = "df00tech detection engineering"
    description = "Detects IDOR enumeration against Langflow /api/v1/responses (CVE-2026-55255)"
    severity = "CRITICAL"
    priority = "HIGH"
    reference = "https://github.com/advisories/GHSA-qrpv-q767-xqq2"

  events:
    $http.metadata.event_type = "NETWORK_HTTP"
    $http.network.http.method = "GET"
    re.regex($http.network.http.request_url, `/api/v1/responses/[^/?]+`) nocase
    $http.network.http.response_code = 200
    $src_ip = $http.principal.ip
    $flow_id = re.capture($http.network.http.request_url, `/api/v1/responses/([^/?]+)`)

  match:
    $src_ip over 10m

  condition:
    #flow_id >= 5
}
critical severity medium confidence

Chronicle YARA-L 2.0 rule detecting systematic IDOR exploitation of Langflow's /api/v1/responses endpoint by counting distinct flow IDs accessed from the same source IP within a rolling 10-minute window.

Data Sources

Chronicle HTTP LogsGoogle Cloud Armor / WAF LogsNetwork Telemetry

Required Tables

NETWORK_HTTP

False Positives & Tuning

  • Authorised Langflow administrators accessing flows belonging to multiple users for support purposes
  • Langflow enterprise features with legitimate cross-user flow visibility
  • Automated reporting dashboards that aggregate flow outputs across the organisation
  • Security team running authorised vulnerability assessments against the Langflow instance

Other platforms for CVE-2026-55255

Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security (Elastic) IBM QRadar (QRadar) Sumo Logic CSE (Sumo) CrowdStrike LogScale (LogScale) All platforms (combined) →

Testing Methodology

Validate this detection against 3 adversary techniques from Atomic Red Team. Each test below lists the behaviour to exercise and the telemetry you should expect to see. Executable commands and cleanup steps are available with Pro.

  1. Test 1Unauthenticated Flow ID Discovery via /api/v1/responses

    Expected signal: 20 GET requests to /api/v1/responses/* within seconds, all from the same source IP and Authorization header, appearing in web/application access logs

  2. Test 2Targeted Cross-User Flow Access Using Known Flow ID

    Expected signal: Single authenticated GET request to /api/v1/responses/<victim_flow_id> returning HTTP 200 with flow response data belonging to a different user

  3. Test 3Scripted Flow Enumeration with Response Exfiltration

    Expected signal: 50 GET requests to /api/v1/responses/* within approximately 30 seconds, with a subset returning HTTP 200 and response bodies containing flow data; all from single source IP

Last updated: 2026-06-21 Research depth: standard
References (3)

Unlock Pro Content

Get the full detection package for CVE-2026-55255 including response playbook, investigation guide, and atomic red team tests.

Response PlaybookInvestigation GuideHunting QueriesAtomic Red Team TestsTuning Guidance
Sign Up for Pro View Pricing

Related Detections

Tactic Hubs

TA0006Credential AccessTA0009Collection

Related Techniques

T1530Data from Cloud StorageT1078Valid AccountsT1083File and Directory Discovery

Same Tactic: Credential Access

Popular Detections