Lucene search
K

764 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 4:8 p.m.3 views

Security Bulletin: DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component

Summary Langflow OSS contains DNS rebinding TOCTOU vulnerability bypassing SSRF protection. URL component validates URLs with validateurlforssrf but fetches via RecursiveUrlLoader performing independent DNS resolution, creating exploitable TOCTOU window. Maintainers fixed identical issue in...

7.1CVSS5.8AI score0.00146EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 4:8 p.m.3 views

Security Bulletin: Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows

Summary Langflow OSS contains unauthenticated server-side RCE via PythonCodeStructuredTool executing attacker-controlled Python through exec at flow-build time. Sink in execself.toolcode, globals, localnamespace where toolcode is attacker-controlled template field. Two paths: A Authenticated POST...

10CVSS6AI score0.00314EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/22 4:16 p.m.10 views

CVE-2026-7664

IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...

9.8CVSS0.00277EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 2:16 p.m.12 views

CVE-2026-10561

IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise...

10CVSS0.00502EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 2:10 p.m.33 views

CVE-2026-7664 Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS

IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...

9.8CVSS0.00277EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 2:10 p.m.13 views

EUVD-2026-38281

IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...

9.8CVSS5.9AI score0.00277EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:10 p.m.3 views

CVE-2026-7664

IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...

9.8CVSS5.9AI score0.00277EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/22 2:10 p.m.13 views

CVE-2026-7664

Summary: IBM Langflow OSS versions 1.0.0–1.8.4 are affected by an unauthenticated access issue due to improper authorization enforcement on the Streamable MCP transport endpoint, potentially allowing access to protected MCP project resources and execution of MCP operations. Affected products/vers...

9.8CVSS5.9AI score0.00277EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/22 1:22 p.m.8 views

EUVD-2026-38245

IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise...

10CVSS6.4AI score0.00502EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 1:22 p.m.85 views

CVE-2026-10561

Affected product: Langflow OSS (1.0.0–1.9.3). Vulnerability: Unauthenticated remote code execution via improper isolation of Python execution in the PythonREPLComponent, combined with an authentication bypass. CPython’s exec() uses a globals dict without correctly restricting builtins, allowing a...

10CVSS6.4AI score0.00502EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 1:22 p.m.36 views

CVE-2026-10561 Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection

IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise...

10CVSS0.00502EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 12:16 a.m.10 views

CVE-2026-12822

A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown function of the component Bundle URL Loader. The manipulation leads to code injection. The attack needs to be performed locally. The vendor was contacted early about this disclosure but did not respond in...

7.8CVSS0.00188EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.11 views

PT-2026-51341

Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.8.4 Description Improper authorization enforcement in the Streamable MCP transport endpoint allows unauthenticated attackers to access protected MCP project resources and execute MCP operations...

9.8CVSS5.9AI score0.00277EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.17 views

PT-2026-51298

Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.9.3 Description Improper isolation of Python execution combined with an authentication bypass allows an unauthenticated remote attacker to execute arbitrary code on the host system, leading to a comple...

10CVSS6.5AI score0.00502EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2026/06/21 11:30 p.m.7 views

CVE-2026-12822

A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown function of the component Bundle URL Loader. The manipulation leads to code injection. The attack needs to be performed locally. The vendor was contacted early about this disclosure but did not respond in...

5.3CVSS5.8AI score0.00188EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/06/21 11:30 p.m.11 views

CVE-2026-12822

Langflow AI langflow

7.8CVSS5.8AI score0.00188EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/06/21 11:30 p.m.33 views

CVE-2026-12822 langflow-ai langflow Bundle URL Loader code injection

A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown function of the component Bundle URL Loader. The manipulation leads to code injection. The attack needs to be performed locally. The vendor was contacted early about this disclosure but did not respond in...

5.3CVSS0.00188EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/21 3:51 p.m.3 views

Security Bulletin: Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS

Summary Langflow OSS POST /api/v1/webhook/flowid executes any user's flow without authentication by default. Setting WEBHOOKAUTHENABLE defaults to False in auth configuration. When False, webhook handler calls getuserbyflowidorendpointname and trusts caller unconditionally with no credential chec...

9.8CVSS5.9AI score0.00277EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/21 3:50 p.m.3 views

Security Bulletin: Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection

Summary Langflow OSS contains unauthenticated RCE vulnerability in PythonREPLComponent "Python Interpreter". Component's getglobals builds restricted globals dict from globalimports whitelist default: "math" but never sets globals"builtins" = . CPython's exec automatically inserts full builtins...

10CVSS6.4AI score0.00502EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.11 views

PT-2026-51264

Name of the Vulnerable Software and Affected Versions langflow-ai langflow versions prior to 1.9.4 Description An issue exists in the Bundle URL Loader component where manipulation of an unknown function allows for code injection. This attack must be performed locally. Recommendations At the...

7.8CVSS6AI score0.00188EPSS
Exploits1References13
Rows per page
Query Builder