Lucene search
+L

5 matches found

Vulnrichment
Vulnrichment
added 2 days ago9 views

CVE-2026-7754 SSRF Protection Configuration Vulnerability

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow 1.9.0 could allow server-side request forgery SSRF due to insecure default configuration and incomplete enforcement of the SSRF protection mechanism...

7.7CVSS5.4AI score0.00219EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-60863

Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.10.0 Description Authenticated users can override component parameters at runtime via the API. This is caused by a flaw in the parameter filtering mechanism within the apply tweaks function...

8.8CVSS5.2AI score0.00288EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/02 7:34 p.m.8 views

Security Bulletin: MCP Server Configuration Validator Bypass via File Upload API

Summary A validation bypass vulnerability existed in the File Manager API that could allow an authenticated attacker to upload malicious MCP server configurations. The file upload endpoint accepted mcpservers.json files without invoking the MCPServerConfig validator, while the structured MCP API...

8.8CVSS6.5AI score0.00406EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/30 7:13 p.m.45 views

CVE-2026-7873 Code Injection Vulnerability in Code Validation Endpoint

IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated attackers to execute arbitrary OS commands and read sensitive files including credentials, enabling complete system compromise and lateral movement...

9.9CVSS0.00294EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.13 views

PT-2026-53950

Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.10.0 Description Langflow uses a weak and reversible key derivation mechanism for encryption at rest, which could lead to the disclosure of all stored credentials. Recommendations At the moment, there ...

9.1CVSS5.9AI score0.00164EPSS
Exploits0References5
Rows per page
Query Builder