Ori Lahav

**Name of the Vulnerable Software and Affected Versions** IBM Langflow OSS versions 1.0.0 through 1.9.1 **Description** Improper validation of symbolic links during archive extraction could allow remote code execution. **Recommendations** Apply the remote code execution patch for versions 1.0.0 through 1.9.1.

**Name of the Vulnerable Software and Affected Versions** IBM Langflow OSS versions 1.0.0 through 1.9.0 **Description** Uncontrolled resource consumption may lead to a denial of service, a condition where a system becomes unavailable to its intended users. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.