Remote Code Execution in Langflow CSV Agent via python_repl_ast Exposure

Repository contains a single Python exploit tool (langflow.py) plus a README. The tool is an all-in-one network exploit targeting alleged Langflow RCE (CVE-2026-27966). It supports single-target and mass scanning (threaded), automatic detection of Langflow instances, optional automatic flow creation (to obtain a flow_id when missing), and then remote command execution against the target via Langflow’s HTTP API. Post-exploitation capability is an interactive command loop (“interactive shell”) that repeatedly sends attacker-supplied OS commands and prints cleaned output. Key capabilities implemented in code: - HTTP client with User-Agent rotation and optional proxy support (proxy list loaded from a local file). - Multi-threaded scanning of many targets from an input file; tracks counts of scanned/langflow/vulnerable and stores exploited results. - Exploitation workflow: detect instance → obtain/create flow_id → send crafted request to execute a command → parse/clean response output. - Operator features: debug logging, save vulnerable URLs to an output file, run a single command or interactive shell. Notable endpoints/targets: - The exploit primarily targets user-supplied base URLs (e.g., http(s)://<host>:7860). The README provides example targets and file names (targets.txt). The code also references local file paths for proxy lists and output results. (The specific Langflow API paths used for detection/flow creation/command execution are not visible in the provided truncated snippet, but the structure clearly indicates multiple endpoint checks and a flow-based RCE trigger.)