6 min read
Vulnerabilities CISA added CVE-2026-55255 to the Known Exploited Vulnerabilities catalog on July 7, 2026, after confirming active exploitation of an insecure direct object reference in Langflow that let authenticated users execute workflows belonging to other tenants.