langflow-ai/langflow v1.9.3

1.9.3

on GitHub

🔒 Security Release - Critical Updates

This release includes critical security fixes. We strongly recommend upgrading to v1.9.3 immediately.

Security Fixes:

• SSRF vulnerability protection (LE-763)
• CVE fixes from MEND/CIMS scans (LE-1123)
• Updated security dependencies including langchain-classic to 1.0.7

What's Changed

✨ New Features

• feat: Add SSRF protection with DNS rebinding prevention by @Jkavia in #13016
• feat: Python 3.14 support by @erichare in #13085

🐛 Bug Fixes

• fix: update security dependencies by @Jkavia in #13053
• fix: pin postgres image to bookworm in docker_example by @erichare in #13027
• fix: stabilize model toggle and refresh Agent dropdown after provider changes by @erichare in #13113
• fix: upgrade langchain-classic to 1.0.7 by @Jkavia in #13130
• fix: backport policies ToolGuard lazy imports by @erichare in #13144

📝 Documentation Updates

• docs: SSRF protection enabled by default by @mendonk in #13106

Others

• chore: Add DESIGN.md for Langflow's visual design system by @ogabrielluiz in #12830

📦 Package Versions

• langflow: 1.9.3
• langflow-base: 0.9.3
• lfx: 0.4.3
• langflow-sdk: 0.1.3

📥 Installation

pip install langflow==1.9.3

🐳 Docker Images

docker pull langflowai/langflow:1.9.3
docker pull langflowai/langflow:latest

Full Changelog: v1.9.2...v1.9.3