CVE-2026-10561
CRITICALUnauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection
Title source: cnaDescription
IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
patch
https://www.ibm.com/support/pages/node/7277242
Scores
CVSS v3
10.0
EPSS
0.0050
EPSS Percentile
39.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-94
Status
published
Products (2)
IBM/Langflow OSS
1.0.0 - 1.9.3
langflow/langflow
1.0.0 - 1.9.3
Published
Jun 22, 2026
Tracked Since
Jun 22, 2026