Langflow versions prior to 1.9.2 contain a confirmed-exploited IDOR vulnerability that allows any authenticated user to execute AI workflows owned by other users, bypassing all access controls. CISA has added this to the Known Exploited Vulnerabilities catalog, confirming active in-the-wild exploitation. Organizations running Langflow in multi-tenant or shared environments face immediate risk of unauthorized workflow execution, proprietary pipeline exposure, and downstream integration abuse.