Skip to main content

Langflow OSS CVE-2026-7528

| EUVDEUVD-2026-32495 HIGH
Uncontrolled Resource Consumption (CWE-400)
2026-05-27 psirt@us.ibm.com GHSA-vppx-25hc-f892
7.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.1 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High

Lifecycle Timeline

1
Analysis Generated
May 27, 2026 - 20:14 vuln.today

DescriptionCVE.org

IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resource consumption.

AnalysisAI

Denial of service in IBM Langflow OSS 1.0.0 through 1.9.0 lets a low-privileged, authenticated remote attacker drive uncontrolled resource consumption (CWE-400) to degrade or crash the service, with a high availability impact and a minor confidentiality exposure per the CVSS vector. The flaw is network-reachable, requires no user interaction, and needs only a low-privilege account. There is no public exploit identified at time of analysis, it is not listed in CISA KEV, and no EPSS score was supplied.

Technical ContextAI

Langflow is an open-source, Python-based low-code/visual framework for building LLM- and agent-driven applications, exposing a web API and UI for composing and running flows. The root cause is classified as CWE-400 (Uncontrolled Resource Consumption), a class of bug where the application fails to bound the CPU, memory, threads, connections, or other resources consumed in response to attacker-influenced input or requests, allowing a relatively small amount of effort to exhaust available capacity. The advisory does not name the specific endpoint, flow operation, or parser at fault, and no CPE strings were provided to pin the exact build, so the precise resource-exhaustion sink is not confirmed from the available data.

RemediationAI

No exact fixed version is stated in the provided data, so consult the IBM security bulletin at https://www.ibm.com/support/pages/node/7273427 for the vendor-released patched build and upgrade beyond 1.9.0 once confirmed (treat the bulletin as 'patch available per vendor advisory'; the specific fix version is not independently confirmed here). As compensating controls until patched: restrict network access to the Langflow API/UI to trusted networks or place it behind a VPN/reverse proxy, since the vector is AV:N; enforce per-account rate limiting and request size/timeout limits at the proxy to blunt resource exhaustion (trade-off: may throttle legitimate heavy flows); apply OS- or container-level resource quotas (CPU/memory cgroups, restart-on-OOM) to contain impact and recover automatically (trade-off: a crash-loop still interrupts service); and tighten account provisioning so low-privilege accounts are not handed to untrusted users, given the PR:L requirement.

Share

CVE-2026-7528 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy