Search
Search Results (6 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-10561 | 1 Ibm | 1 Langflow Oss | 2026-06-23 | 10 Critical |
| IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise | ||||
| CVE-2026-7664 | 1 Ibm | 1 Langflow Oss | 2026-06-23 | 9.8 Critical |
| IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint. | ||||
| CVE-2026-7787 | 2 Ibm, Langflow | 2 Langflow Oss, Langflow | 2026-06-16 | 7.5 High |
| IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. | ||||
| CVE-2026-7524 | 2 Ibm, Langflow | 2 Langflow Oss, Langflow | 2026-06-02 | 9.8 Critical |
| IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction. | ||||
| CVE-2026-7528 | 2 Ibm, Langflow | 2 Langflow Oss, Langflow | 2026-06-02 | 7.1 High |
| IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resource consumption. | ||||
| CVE-2026-6542 | 2 Ibm, Langflow | 2 Langflow Oss, Langflow | 2026-05-04 | 6.5 Medium |
| IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow. | ||||
Page 1 of 1.