CVE-2026-33017: How attackers compromised Langflow AI pipelines in 20 hours

**Executive summary:** CVE-2026-33017 is an unauthenticated RCE in Langflow's public flow build endpoint that was actively exploited within ~20 hours of disclosure; attackers scanned broadly, executed arbitrary Python to collect environment variables and credentials, staged second-stage payloads, and exfiltrated secrets to identified C2 infrastructure, with multiple source IPs and interactsh callbacks observed across a honeypot fleet.