3 matches found
CVE-2026-9135
CVE-2026-9135 affects IBM Langflow OSS versions 1.0.0–1.10.0. The vulnerability lies in the Policies component’s ToolGuard integration: validation only checks the main component code field (node_template["code"]["value"]) and does not validate dynamic CodeInput fields that store generated ToolGua...
Creation of Temporary File With Insecure Permissions
Overview Affected versions of this package are vulnerable to Creation of Temporary File With Insecure Permissions in the getorcreatetmpdir function in fileutils.py. This enables an attacker who can write to /tmp to cause the execution of arbitrary .py files during environment setup. Remediation...
LogonTracer Code Injection Vulnerability
LogonTracer is a visual Windows log analysis tool that checks for malicious logins by analyzing Windows Active Directory event logs. A code injection vulnerability exists in LogonTracer version 1.2.0 and prior versions, which can be exploited by a remote attacker to execute arbitrary Python code ...