PT-2026-31055 · Faiss+1 · Faiss+1
Weblover
·
Published
2026-04-02
·
Updated
2026-04-08
·
CVE-2026-3357
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM Langflow Desktop versions 1.6.0 through 1.8.2
Description
IBM Langflow Desktop versions 1.6.0 through 1.8.2 may allow an authenticated user to execute arbitrary code on the system. This is due to an insecure default setting that permits the deserialization of untrusted data within the FAISS component.
Recommendations
Update to a version later than 1.8.2.
Fix
RCE
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Faiss
Ibm Langflow Desktop