7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Researchers found serious vulnerabilities across LangGraph, Langflow, and LangChain-core, including SQL injection and path traversal bugs that can lead to remote code execution or secret exposure. Langflow attacks are already active in the wild, while LangGraph and LangChain issues show how agent frameworks can expose OpenAI keys, database credentials, and internal tokens.

AI agent frameworks are rapidly becoming production infrastructure, but their security controls have not matured at the same pace. The incidents point to a broader supply chain risk: imported AI orchestration layers now sit close to sensitive data and credentials, yet many security tools do not treat them as critical trust boundaries.