PT-2026-53956 · IBM · Langflow OSS
Published 2026-06-30 · Updated 2026-07-01 · CVE-2026-10134
CVSS v3.1: 10 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Langflow OSS versions 1.0.0 through 1.9.3
Description
A code injection flaw allows an unauthenticated remote attacker to gain full control over the system without user interaction. This enables the attacker to read all secrets available to the process, as well as read and modify flows, conversations, messages, file uploads, and saved components within the database. Additionally, the attacker can connect to internal services, abuse cloud metadata endpoints, and move laterally to other tenants on the same instance. Persistence can be established by modifying the tool code of a public flow, causing the attacker's code to re-execute during standard calls to the '/api/v1/build/...' endpoint by any user.
Recommendations
Update IBM Langflow OSS versions 1.0.0 through 1.9.3 to the fixed version provided by IBM.
Weakness Enumeration
Code Injection
Affected Products
Langflow OSS