Lucene search
+L

26 matches found

CVE
CVE
added yesterday10 views

CVE-2026-14499

CVE-2026-14499 affects Langflow OSS 1.0.0–1.10.1. An authenticated user could execute arbitrary commands with elevated privileges due to improper validation of user-supplied input in the Python Interpreter component, resulting in OS command injection (CWE-78). IBM’s bulletin assigns CVSS v3.1 bas...

8.8CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added yesterday7 views

CVE-2026-7872 Path Traversal Vulnerability in File Component Leading to Arbitrary File Read and Authentication Bypass

IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to read arbitrary files including the JWT signing key and forge authentication tokens for any user...

7.5CVSS
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-45282

IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to read arbitrary files including the JWT signing key and forge authentication tokens for any user...

7.5CVSS5.5AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-60834

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEW USER IS ACTIVE=true documented deployment option, newly created accounts are immediately active and can authenticate to reach RCE endpoints, bypassing the ne...

9.8CVSS5.3AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/02 7:36 p.m.5 views

Security Bulletin: Path Traversal Vulnerability in File Component Leading to Arbitrary File Read and Authentication Bypass

Summary A path traversal vulnerability existed in the File component's tar archive extraction functionality. An authenticated user could upload a specially crafted tar archive containing symbolic links to read arbitrary files accessible to the application process. The vulnerability allowed an...

7.5CVSS5.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/02 7:34 p.m.7 views

Security Bulletin: MCP Server Configuration Validator Bypass via File Upload API

Summary A validation bypass vulnerability existed in the File Manager API that could allow an authenticated attacker to upload malicious MCP server configurations. The file upload endpoint accepted mcpservers.json files without invoking the MCPServerConfig validator, while the structured MCP API...

8.8CVSS6.5AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/02 7:31 p.m.8 views

Security Bulletin: Unauthenticated User Registration Could Lead to Remote Code Execution

Summary An attacker could create accounts on an exposed instance without authentication through the user registration API. If an operator had configured newly created accounts to be active immediately, the attacker could then log in as that new user and reach code-execution functionality, which...

9.8CVSS6.4AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/02 7:29 p.m.7 views

Security Bulletin: Unauthenticated Remote Code Execution via Auto-Login Bypass and Code Validation

Summary A vulnerability allowed unauthenticated attackers to achieve remote code execution on default-configured instances. The vulnerability combined two distinct issues: an unauthenticated endpoint that issued superuser bearer tokens to any network caller, and a code validation endpoint that...

9.8CVSS6.6AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/02 7:27 p.m.7 views

Security Bulletin: Arbitrary Code Execution in Python Interpreter Component

Summary A vulnerability in the Python Interpreter component allowed authenticated users to execute arbitrary Python code and escalate privileges to superuser level. An attacker with valid credentials could bypass security controls through the PythonREPLComponent, directly access the database, and...

9.9CVSS6.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/02 7:26 p.m.5 views

Security Bulletin: Path Traversal in APIRequest Component via Content-Disposition Header

Summary A path traversal vulnerability existed in the APIRequest component when the "Save to File" feature was enabled. The component extracted filenames from server-controlled Content-Disposition headers without proper sanitization, allowing an attacker-controlled HTTP response to write files to...

9.9CVSS6.6AI score
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/30 7:14 p.m.49 views

CVE-2026-7871 Insecure Deserialization in Redis Cache Backend

IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis access to execute arbitrary code with full application privileges, compromising all secrets, data, and system integrity...

9.8CVSS0.00386EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 7:48 p.m.6 views

Security Bulletin: Code Injection Vulnerability in Code Validation Endpoint

Summary A code injection vulnerability was identified in the code validation endpoint that allowed authenticated users to execute arbitrary code on the server. The vulnerability existed in the validation logic which compiled and executed function definitions to check for import errors. Attackers...

9.9CVSS6.6AI score0.00294EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/22 1:22 p.m.43 views

CVE-2026-10561 Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection

IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise...

10CVSS0.00502EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 7:0 p.m.7 views

Security Bulletin: upload filename directly from the multipart Content-Disposition header without sanitization

Summary Langflow OSS 1.2.0 - 1.8.4 are affected by a critical arbitrary file write vulnerability in the files endpoint due to improper handling of uploaded filenames. The application extracts the filename directly from the multipart Content-Disposition header without sanitization and uses unsafe...

6.5CVSS5.5AI score0.00275EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/11 4:16 p.m.1 views

CVE-2026-7787

IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references...

8.1CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2026/06/11 4:16 p.m.17 views

CVE-2026-7787

IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references...

8.1CVSS0.00248EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 2:41 p.m.11 views

CVE-2026-7787 Unauthenticated Session History Access via Public Flow Execution

IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references...

7.5CVSS5.5AI score0.00248EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 6:45 p.m.11 views

Security Bulletin: Langflow OSS affected by vulnerabilies in Axios versions prior to 1.15.0

Summary Langflow OSS affected by vulnerabilies in Axios versions prior to 1.15.0 Vulnerability Details CVEID:CVE-2026-40175 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in...

9CVSS5.4AI score0.01815EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 6:38 p.m.7 views

Security Bulletin: Langflow OSS affected by vulnerabilies in Lodash versions 4.17.23 and earlier

Summary Langflow OSS affected by vulnerabilies in Lodash versions 4.17.23 and earlier Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465:...

9.8CVSS5.9AI score0.02474EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/05/27 1:16 p.m.26 views

CVE-2026-7528

IBM Langflow OSS versions 1.0.0–1.9.0 are vulnerable to an unauthenticated file upload that allows unlimited uploads via the deprecated /api/v1/upload/{flow_id} endpoint, enabling DoS through uncontrolled resource consumption and potential absolute path disclosure in API responses. The root cause...

7.5CVSS5.8AI score0.00215EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder