Skip to main content

IBM Langflow Desktop EUVDEUVD-2026-26419

| CVE-2026-3340 MEDIUM
Server-Side Request Forgery (SSRF) (CWE-918)
2026-04-30 ibm
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

5
Analysis Generated
Apr 30, 2026 - 21:46 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 21:15 euvd
EUVD-2026-26419
Analysis Generated
Apr 30, 2026 - 21:15 vuln.today
Patch released
Apr 30, 2026 - 21:15 nvd
Patch available
CVE Published
Apr 30, 2026 - 21:04 nvd
MEDIUM 6.5

DescriptionCVE.org

IBM Langflow Desktop 1.0.0 through 1.8.4 IBM Langflow is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

AnalysisAI

Server-side request forgery (SSRF) in IBM Langflow Desktop 1.0.0 through 1.8.4 permits unauthenticated remote attackers to send arbitrary HTTP requests from the vulnerable system, enabling network enumeration, internal service probing, and facilitation of secondary attacks against backend infrastructure. CVSS 6.5 reflects moderate confidentiality and integrity impact without authentication barriers despite PR:N in vector.

Technical ContextAI

IBM Langflow Desktop is a desktop application for building and executing AI workflows using language models. The vulnerability resides in server-side request handling (CWE-918: Server-Side Request Forgery), where user-supplied input intended for local processing is instead passed directly to HTTP client libraries without proper validation or URL scheme/destination whitelisting. This allows attackers to craft malicious payloads that cause the application to initiate requests to arbitrary internal networks, private IP ranges, or restricted services that would be blocked if requested directly from the attacker's network. The CVSS vector (AV:N/AC:L/PR:N) indicates network-accessible SSRF with no authentication required and low attack complexity, suggesting the vulnerable endpoint is reachable via HTTP/HTTPS without prior compromise.

RemediationAI

Upgrade IBM Langflow Desktop to version 1.8.5 or later, which includes the SSRF validation fixes per IBM security advisory (https://www.ibm.com/support/pages/node/7271096). Users unable to upgrade immediately should implement network-level mitigations: restrict outbound HTTP/HTTPS traffic from Langflow Desktop to explicitly whitelisted internal services only (use firewall rules, network policy, or proxy authentication); block access to private IP ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16) and link-local addresses (127.0.0.0/8, ::1/128) at the egress firewall to prevent enumeration of internal infrastructure; disable or isolate Langflow Desktop instances from direct connectivity to sensitive internal services (Kubernetes API, cloud metadata endpoints, SSH, RDP, database ports). Note that network restrictions do not eliminate the vulnerability but reduce exploitability in shared or untrusted environments.

Share

EUVD-2026-26419 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy