Lucene search
+L

137 matches found

CVE
CVE
added yesterday17 views

CVE-2026-9103

CVE-2026-9103 affects Langflow OSS 1.0.0–1.10.0. The root cause is improper authentication in the /api/v1/login/auto_login endpoint, which issues long‑lived superuser tokens when AUTO_LOGIN is enabled (default). Combined with permissive CORS, this can expose tokens to unintended origins and enabl...

9.8CVSS5.5AI score
Exploits0References1
EUVD
EUVD
added yesterday7 views

EUVD-2026-45258

IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/autologin endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authentication when the AUTOLOGIN configuration is enabl...

9.8CVSS5.5AI score
Exploits0References1
Cvelist
Cvelist
added yesterday19 views

CVE-2026-9103 Unauthenticated Superuser Token Issuance via Auto-Login Endpoint

IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/autologin endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authentication when the AUTOLOGIN configuration is enabl...

9.8CVSS
Exploits0References1
NVD
NVD
added yesterday9 views

CVE-2026-9198

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to chain /api/v1/autologin mints SUPERUSER tokens to any network caller with /api/v1/validate/code executes user code via exec to achieve full RCE on default Langflow deployments...

9.8CVSS
Exploits0References1
EUVD
EUVD
added yesterday7 views

EUVD-2026-45236

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to chain /api/v1/autologin mints SUPERUSER tokens to any network caller with /api/v1/validate/code executes user code via exec to achieve full RCE on default Langflow deployments...

9.8CVSS5.5AI score
Exploits0References1
CVE
CVE
added yesterday27 views

CVE-2026-9198

IBM Langflow OSS versions 1.0.0–1.10.0 are affected by CVE-2026-9198: unauthenticated attackers chain /api/v1/auto_login (issues superuser tokens) with /api/v1/validate/code (exec() of user code) to achieve full RCE on default deployments. The root cause is the combination of an open auto-login e...

9.8CVSS5.4AI score
Exploits0References1
Cvelist
Cvelist
added yesterday20 views

CVE-2026-9198 Unauthenticated Remote Code Execution via Auto-Login Bypass and Code Validation

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to chain /api/v1/autologin mints SUPERUSER tokens to any network caller with /api/v1/validate/code executes user code via exec to achieve full RCE on default Langflow deployments...

9.8CVSS
Exploits0References1
Vulnrichment
Vulnrichment
added yesterday4 views

CVE-2026-9198 Unauthenticated Remote Code Execution via Auto-Login Bypass and Code Validation

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to chain /api/v1/autologin mints SUPERUSER tokens to any network caller with /api/v1/validate/code executes user code via exec to achieve full RCE on default Langflow deployments...

9.8CVSS5.5AI score
Exploits0References1
EUVD
EUVD
added yesterday7 views

EUVD-2026-45235

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEWUSERISACTIVE=true documented deployment option, newly created accounts are immediately active and can authenticate to reach RCE endpoints, bypassing the need...

9.8CVSS5.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-60834

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEW USER IS ACTIVE=true documented deployment option, newly created accounts are immediately active and can authenticate to reach RCE endpoints, bypassing the ne...

9.8CVSS5.3AI score
Exploits0References2
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-44876

The Abandoned Cart Lite for WooCommerce WordPress plugin before 6.8.2 does not protect the integrity of its cart-recovery tokens or bind them to the requesting account, allowing unauthenticated attackers to forge a recovery link that logs them in as another user when the automatic-login option is...

8.1CVSS6.1AI score0.00226EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/02 7:28 p.m.6 views

Security Bulletin: Unauthenticated Superuser Token Issuance via Auto-Login Endpoint

Summary An unauthenticated endpoint in the login API allowed any network-reachable attacker to obtain a 365-day superuser bearer token without requiring any credentials. The /api/v1/login/autologin endpoint issued tokens when the AUTOLOGIN configuration defaulted to True, enabling complete...

9.8CVSS5.9AI score
Exploits0Affected Software1
OSV
OSV
added 2026/05/29 10:7 p.m.10 views

GHSA-MCH8-WF3H-6X88 Admidio writes session IDs and auto-login cookie values to application logs

Summary When debug logging is enabled, Session::setCookie logs full cookie values and Session::start logs the current session ID. In a real Admidio deployment this includes both the active session cookie and the persistent auto-login cookie. Anyone with access to the log sink can recover live...

4.4CVSS5.8AI score0.00015EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/29 10:7 p.m.24 views

Admidio writes session IDs and auto-login cookie values to application logs

Summary When debug logging is enabled, Session::setCookie logs full cookie values and Session::start logs the current session ID. In a real Admidio deployment this includes both the active session cookie and the persistent auto-login cookie. Anyone with access to the log sink can recover live...

5.8AI score0.00015EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.12 views

PT-2026-45044

Summary When debug logging is enabled, Session::setCookie logs full cookie values and Session::start logs the current session ID. In a real Admidio deployment this includes both the active session cookie and the persistent auto-login cookie. Anyone with access to the log sink can recover live...

4.4CVSS5.8AI score0.00015EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/22 10:1 p.m.107 views

Exploit for Code Injection in Langflow

CVE-2026-33017 — Langflow Unauthenticated Remote Code Executio...

9.8CVSS6.7AI score0.98191EPSS
Exploits21
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.19 views

PT-2026-41428

iDS6 DSSPro Digital Signage System 6.2 contains a CAPTCHA security bypass vulnerability that allows attackers to bypass authentication by requesting the autoLoginVerifyCode object. Attackers can retrieve valid CAPTCHA codes via the login endpoint and use them to perform brute-force attacks agains...

9.8CVSS5.8AI score0.00429EPSS
Exploits1References5
EUVD
EUVD
added 2026/05/14 6:44 a.m.16 views

EUVD-2026-30255

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation via missing authorization in all versions up to, and including, 5.1.2. This is due to missing nonce verification and capability checks in the iwarsaverecipe AJAX handler. This makes it possible for unauthenticated...

9.8CVSS5.8AI score0.00439EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/21 5:6 p.m.234 views

Exploit for CVE-2026-33017

CVE-2026-33017-Langflow-RCE-PoC The vulnerability in Langflow...

9.3CVSS6.6AI score0.98191EPSS
Exploits21
GithubExploit
GithubExploit
added 2026/02/07 11:31 p.m.293 views

Exploit for CVE-2026-0770

CVE-2026-0770 - Langflow Remote Code Execution Summary La...

9.8CVSS8.7AI score0.33827EPSS
Exploits8
Rows per page
Query Builder