CVE-2026-6543

Name of the Vulnerable Software and Affected Versions IBM Langflow Desktop versions 1.0.0 through 1.8.4

Description An issue allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This can lead to the exposure of sensitive environment variables, such as API keys and database credentials, as well as the modification of files or the initiation of further attacks on the internal network.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.