🛑
Netty STOMP Header Flood Can Crash Servers
Teams running affected Netty versions with STOMP endpoints should upgrade promptly. This is a high-severity denial-of-service issue.
CVE-2026-44891 affects Netty prior to versions 4.1.136.Final and 4.2.16.Final and is rated CVSS 7.5 HIGH. The io.netty.handler.codec.stomp.StompSubframeDecoder does not limit the total number or cumulative size of STOMP headers, allowing memory exhaustion that can trigger an OutOfMemoryError and cause denial of service.
🔗 Read more 🔗
Source: NVD
🔑
Hard-Coded Credentials Found in IBM Langflow OSS
Anyone running affected IBM Langflow OSS versions should treat this as an urgent patching priority because of the critical severity.
CVE-2026-13446 affects IBM Langflow OSS 1.0.0 through 1.10.1 and is rated CVSS 9.8 CRITICAL. The product contains hard-coded credentials used for authentication, outbound communication, or encryption of internal data.
🔗 Read more 🔗
Source: NVD
📂
IBM Langflow File Boundary Bypass Exposes User Data
Organizations with multi-user IBM Langflow OSS deployments should prioritize this update because authenticated users can affect other users’ files.
CVE-2026-13445 affects IBM Langflow OSS 1.0.0 through 1.10.1 and is rated CVSS 8.1 HIGH. An authenticated attacker can abuse the SaveToFile component to read, modify, or overwrite another user’s uploaded files by specifying absolute paths, breaking storage ownership boundaries between users.
🔗 Read more 🔗
Source: NVD
🗂️
Path Traversal Enables Arbitrary File Writes in Langflow
Patch affected IBM Langflow OSS systems as soon as possible. The critical severity makes this a high-priority issue.
CVE-2026-8859 affects IBM Langflow OSS 1.0.0 through 1.10.0 and is rated CVSS 9.9 CRITICAL. A path traversal flaw in the APIRequest component allows crafted Content-Disposition filenames to escape the intended temporary directory and write files to locations accessible by the Langflow process.
🔗 Read more 🔗
Source: NVD
🚨
Langflow Privilege Escalation Can Fully Compromise Service
This should be treated as an emergency update for affected IBM Langflow OSS deployments because of the critical impact.
CVE-2026-8635 affects IBM Langflow OSS 1.0.0 through 1.10.0 and is rated CVSS 9.9 CRITICAL. Authenticated users can escalate privileges to superuser through database manipulation, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.
🔗 Read more 🔗
Source: NVD
⚠️
Default Webhook Setting Lets Unauthenticated Users Execute Flows
Affected IBM Langflow OSS deployments should be updated urgently because this is a critical authentication bypass.
CVE-2026-8505 affects IBM Langflow OSS 1.0.0 through 1.10.0 and is rated CVSS 9.8 CRITICAL. When WEBHOOK_AUTH_ENABLE is set to False, the default setting, webhook authentication can be bypassed so unauthenticated users who know a flow UUID can execute that flow, potentially leading to Remote Code Execution (RCE).
🔗 Read more 🔗
Source: NVD
💥
Code Validation Endpoint Executes User-Supplied Python
Patch affected IBM Langflow OSS deployments immediately. This is a critical issue for environments with authenticated users.
CVE-2026-8481 affects IBM Langflow OSS 1.0.0 through 1.10.0 and is rated CVSS 9.9 CRITICAL. The code validation API endpoint executes user-supplied Python with exec() without sandboxing, input validation, or privilege restrictions, allowing authenticated users to execute arbitrary system commands with the privileges of the Langflow server process.
🔗 Read more 🔗
Source: NVD
🧨
Unsafe Pickle Deserialization Exposes Langflow Servers
Organizations using affected IBM Langflow OSS versions should prioritize this critical update because successful exploitation can compromise the Langflow server process.
CVE-2026-8476 affects IBM Langflow OSS 1.0.0 through 1.10.0 and is rated CVSS 9.9 CRITICAL. The AsyncDiskCache class uses pickle.loads() without validation or integrity checks, allowing arbitrary code execution when malicious cached data is processed.
🔗 Read more 🔗
Source: NVD
🔓
Langflow File Read Flaw Enables Token Forgery
Affected IBM Langflow OSS deployments should schedule this update promptly because authenticated users can impersonate other users.
CVE-2026-7872 affects IBM Langflow OSS 1.0.0 through 1.10.0 and is rated CVSS 7.5 HIGH. An authenticated attacker can read arbitrary files, including the JWT signing key, and forge authentication tokens for any user.
🔗 Read more 🔗
Source: NVD
⚙️
MCP Configuration Validation Bug Risks Code Execution
Users of affected IBM Langflow OSS versions should prioritize patching because of the high severity and code execution risk.
CVE-2026-7755 affects IBM Langflow OSS 1.0.0 through 1.10.0 and is rated CVSS 8.8 HIGH. Incomplete validation enforcement on MCP server configuration files could allow remote code execution.
🔗 Read more 🔗
Source: NVD
🌐
SSRF Weakness Found in IBM Langflow
Affected IBM Langflow OSS users should plan to patch this high-severity SSRF issue.
CVE-2026-7754 affects IBM Langflow OSS 1.0.0 through 1.10.0 Langflow 1.9.0 and is rated CVSS 7.7 HIGH. Insecure default configuration and incomplete enforcement of the SSRF protection mechanism could allow server-side request forgery.
🔗 Read more 🔗
Source: NVD
📥
Crafted Downloads Allow Arbitrary File Writes in Langflow
Organizations running affected IBM Langflow OSS versions should prioritize this update because authenticated users can perform arbitrary file writes.
CVE-2026-7667 affects IBM Langflow OSS 1.0.0 through 1.10.0 and is rated CVSS 8.8 HIGH. An authenticated attacker can create a malicious flow that uses a crafted Content-Disposition header to write attacker-controlled content to paths accessible by the Langflow process.
🔗 Read more 🔗
Source: NVD