CVE-2026-3340

Name of the Vulnerable Software and Affected Versions IBM Langflow Desktop versions 1.0.0 through 1.8.4

Description IBM Langflow is susceptible to server-side request forgery (SSRF), a flaw where the server is tricked into making requests to an unintended location. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.