Langflow OSS
by IBM
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-7524 | Cri | 0.64 | 9.8 | — | May 27, 2026 | IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction. | ||
| CVE-2026-7528 | Hig | 0.39 | 7.1 | — | May 27, 2026 | IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resource consumption. |
- risk 0.64cvss 9.8epss —
IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.
- risk 0.39cvss 7.1epss —
IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resource consumption.