8 matches found
CVE-2026-10546
IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...
CVE-2026-10546 DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component
IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...
CVE-2026-10546
CVE-2026-10546 affects IBM Langflow OSS versions 1.0.0–1.9.3. A Server-Side Request Forgery (SSRF) in the URL component (src/lfx/src/lfx/components/data_source/url.py) arises from a TOCTOU race condition that can be exploited via DNS rebinding. The vulnerability stems from validating URLs in vali...
EUVD-2026-40402
IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...
CVE-2026-3340
CVE-2026-3340 is a Server-Side Request Forgery (SSRF) in the IBM Langflow Desktop URL data source component affecting versions 1.0.0–1.8.4 . An authenticated attacker can cause the Langflow server to make arbitrary requests to internal or restricted network resources, potentially enabling network...
CVE-2023-48978
An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component...
Ariadne Component Library 代码问题漏洞
Ariadne Component Library is a set of url, http and xss components for Ariadne CMS open source. A code issue vulnerability exists in Ariadne Component Library version 2.x and prior versions. An attacker could exploit this vulnerability to perform server-side request forgery attacks...
Stack overflow
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via an itms: URL with a long URL component after a colon...