CVE-2026-10561

CRITICAL

Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection

Title source: cna
STIX 2.1

Description

IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory patch
https://www.ibm.com/support/pages/node/7277242

Scores

CVSS v3 10.0
EPSS 0.0050
EPSS Percentile 39.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-94
Status published
Products (2)
IBM/Langflow OSS 1.0.0 - 1.9.3
langflow/langflow 1.0.0 - 1.9.3
Published Jun 22, 2026
Tracked Since Jun 22, 2026