Langflow Langflow_desktop

6 CVEs affecting Langflow Langflow_desktop. Latest disclosed: 2026-04-30. Critical: 0, High: 2.

Top CVEs affecting Langflow Langflow_desktop
CVESeverityScorePublishedSummary
CVE-2026-6543High8.82026-04-30IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This al…
CVE-2026-4503High7.52026-04-30IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through a…
CVE-2026-3345Medium6.52026-04-30IBM Langflow Desktop <=1.8.4 Langflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL reque…
CVE-2026-4502Medium6.52026-04-30IBM Langflow Desktop 1.2.0 through 1.8.4 Langflow could allow an authenticated attacker to traverse directories on the system. An attacker could send a special…
CVE-2026-3340Medium6.52026-04-30IBM Langflow Desktop 1.0.0 through 1.8.4 IBM Langflow is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send una…
CVE-2026-3346Medium6.42026-04-30IBM Langflow Desktop 1.6.0 through 1.8.4 Lanflow is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitra…