Home / Security updates / Supply Chain Vulnerability Announcements
Supply Chain Vulnerability Announcements
Security updates detail rendered from /security-updates/upd_583086e2f0078334.
Overview
| ID | upd_583086e2f0078334 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Webflow |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_583086e2f0078334 |
| providerId | safebase |
| organizationId | org_94179fc6a9042809 |
| trustCenterId | tc_2cebf47402cd0296 |
| title | Supply Chain Vulnerability Announcements |
| message | The Webflow Security team is investigating "Copy Fail" (CVE-2026-31431), a Linux flaw that could allow local authorized users to escalate permissions. This vulnerability cannot be exploited remotely over the internet. We have identified the affected infrastructure instances and are working on fixes. At this time, there is no evidence of exploitation in Webflow's environment. Customer data and services remain secure and fully operational. We will continue monitoring and provide updates as patches are deployed . No action is required from customers. Reference links: - NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-31431 - Copy Fail (researcher site): https://copy.fail/ April 30, 2026 Webflow is aware of the recent security advisory regarding the pypi-lightning project (https://pypi.org/project/lightning - versions 2.6.2 and 2.6.3). At this time, we have no evidence to suggest any impact to customer data, accounts, or Webflow services and no indication that sensitive codebases were |
| url | - |
| publishedAt | 2026-02-13 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_94179fc6a9042809",
"name": "Webflow",
"domains": [
"trust.webflow.com",
"webflow.com"
]
} |
| trust_center | {
"id": "tc_2cebf47402cd0296",
"name": "Webflow",
"url": "https://trust.webflow.com",
"host": "trust.webflow.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_583086e2f0078334",
"company": "/v1/companies/org_94179fc6a9042809",
"trust_center": "/v1/trust-centers/tc_2cebf47402cd0296",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_583086e2f0078334JSON