4 matches found
PT-2026-51341
Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.8.4 Description Improper authorization enforcement in the Streamable MCP transport endpoint allows unauthenticated attackers to access protected MCP project resources and execute MCP operations...
CVE-2026-3346
IBM Langflow Desktop 1.6.0 through 1.8.4 Lanflow is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
Exploit for Code Injection in Langflow
Langflow CVE-2025-3248 Exploit Tool !Severityhttps://img.s...
CVE-2024-42835
langflow v1.0.12 was discovered to contain a remote code execution RCE vulnerability via the PythonCodeTool component...