Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%
Buy Us a Coffee

Langflow Desktop — Vulnerabilities & Security Advisories 8

All 8 CVE vulnerabilities found in Langflow Desktop, with AI-generated Chinese analysis, references, and POCs.

Vendor: IBM

CVE IDTitleCVSSSeverityPublished
CVE-2026-3341 IBM Langflow Desktop 1.0.0 - 1.9.2 DNS Rebinding Bypasses SSRF Protection Allowing Access to Internal Services CWE-918 5.4 Medium2026-06-11
CVE-2026-6543 Authenticated Remote Code Execution Vulnerability in Langflow Code Validation Endpoint CWE-94 8.8 High2026-04-30
CVE-2026-3345 Path Traversal and Arbitrary File Write Vulnerability in IBM Langflow Desktop API v2 File Upload Endpoint CWE-22 6.5 Medium2026-04-30
CVE-2026-3346 Stored Cross-Site Scripting (XSS) in Langflow Markdown Rendering via rehypeRaw CWE-89 6.4 Medium2026-04-30
CVE-2026-3340 Server-Side Request Forgery (SSRF) in Langflow URL Component CWE-918 6.5 Medium2026-04-30
CVE-2026-4502 Arbitrary File Write and Remote Code Execution Vulnerability in Langflow v2 API CWE-22 6.5 Medium2026-04-30
CVE-2026-4503 Unauthenticated Insecure Direct Object Reference (IDOR) Vulnerability in Langflow Desktop Image Download Endpoint CWE-639 7.5 High2026-04-30
CVE-2026-3357 IBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle file CWE-502 8.8 High2026-04-08

All 8 known CVE vulnerabilities affecting Langflow Desktop with full Chinese analysis, references, and POCs where available.