CVE-2026-7524
CRITICAL SEVERITYCVSS Score & Metrics
Base Score
9.8 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Description
IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-22
Source
NVD
Vendor
langflow
Product
langflow
Discussion (0)
Add Comment
No comments yet. Be the first!