Path Traversal Flaw in AI Dev Platform Langflow Exploited in Attacks
ID: 6c58df31-68d2-5339-b283-c1e1437cbd04
STIX ID: report--6c58df31-68d2-5339-b283-c1e1437cbd04
Feed Name: CosmicBytez Labs
**CVE-2026-5027 (Langflow):** A high-severity, unauthenticated path traversal/arbitrary file write vulnerability in Langflow is being actively exploited in the wild to write web-accessible web shells, enabling persistent remote code execution. The report details the attack flow, the broad exposure (public instances on the default port 7860), and the observed exploitation. It lists mitigation steps (block public access, check for IOCs, rotate credentials, monitor for web shell activity) and urges emergency patching when available.
