Skip to main content

IBM Langflow OSS CVE-2026-6542

| EUVDEUVD-2026-26447 MEDIUM
Authorization Bypass Through User-Controlled Key (CWE-639)
2026-04-30 ibm
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Analysis Generated
Apr 30, 2026 - 22:01 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 21:45 euvd
EUVD-2026-26447
Analysis Generated
Apr 30, 2026 - 21:45 vuln.today
Patch released
Apr 30, 2026 - 21:45 nvd
Patch available
CVE Published
Apr 30, 2026 - 21:16 nvd
MEDIUM 6.5

DescriptionCVE.org

IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow.

AnalysisAI

IBM Langflow OSS 1.0.0 through 1.8.4 allows authenticated users to read transaction logs and vertex build data from other users' flows via direct flow_id manipulation, enabling unauthorized information disclosure and deletion of other users' persisted build data. The vulnerability requires valid user authentication (PR:L) but no additional complexity, affecting all deployments of affected versions.

Technical ContextAI

Langflow OSS is a flow-based orchestration platform that stores user workflows with associated transaction logs and vertex build state. The vulnerability stems from insufficient access control on endpoints that retrieve or delete flow-related data (CWE-639: Authorization through User-Controlled Key). The application accepts a flow_id parameter from authenticated users but fails to verify that the requesting user owns or has permission to access the specified flow. By iterating or guessing flow_id values, any authenticated user can enumerate and access transaction logs and vertex build metadata belonging to other users, or delete their persisted build artifacts.

RemediationAI

Upgrade to IBM Langflow OSS version 1.8.5 or later as released by IBM, which implements proper access control checks to verify user ownership of flows before permitting read or delete operations. The vendor patch is available at https://www.ibm.com/support/pages/node/7270886. Until patching is possible, implement compensating controls by restricting network access to the Langflow API to trusted networks using firewall or reverse proxy rules, and limit user account creation to minimize the number of authenticated users who could exploit the vulnerability. Note that these controls do not eliminate the vulnerability for legitimate users within the trusted network.

Share

CVE-2026-6542 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy