PT-2026-53956 · Ibm · Langflow Oss

Published

2026-06-30

·

Updated

2026-07-01

·

CVE-2026-10134

CVSS v3.1

10

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.9.3
Description A code injection flaw allows an unauthenticated remote attacker to gain full control over the system without user interaction. This enables the attacker to read all secrets available to the process, as well as read and modify flows, conversations, messages, file uploads, and saved components within the database. Additionally, the attacker can connect to internal services, abuse cloud metadata endpoints, and move laterally to other tenants on the same instance. Persistence can be established by modifying the tool code of a public flow, causing the attacker's code to re-execute during standard calls to the '/api/v1/build/...' endpoint by any user.
Recommendations Update IBM Langflow OSS versions 1.0.0 through 1.9.3 to the fixed version provided by IBM.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-10134

Affected Products

Langflow Oss