Lucene search
+L

4 matches found

CVE
CVE
added yesterday15 views

CVE-2026-9202

CVE-2026-9202 affects IBM Langflow OSS versions 1.0.0–1.10.0. Unauthenticated attackers can create unlimited user accounts; if NEW_USER_IS_ACTIVE is true, new accounts are immediately active and can authenticate to reach RCE endpoints, bypassing AUTO_LOGIN. IBM CVSS v3.1 base score 9.8 (CRITICAL)...

9.8CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added yesterday3 views

CVE-2026-9202 Unauthenticated User Registration Could Lead to Remote Code Execution

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEWUSERISACTIVE=true documented deployment option, newly created accounts are immediately active and can authenticate to reach RCE endpoints, bypassing the need...

9.8CVSS5.3AI score
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-45235

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEWUSERISACTIVE=true documented deployment option, newly created accounts are immediately active and can authenticate to reach RCE endpoints, bypassing the need...

9.8CVSS5.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-60834

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEW USER IS ACTIVE=true documented deployment option, newly created accounts are immediately active and can authenticate to reach RCE endpoints, bypassing the ne...

9.8CVSS5.3AI score
Exploits0References2
Rows per page
Query Builder