Back to CVE List

CVE-2026-7524

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score
9.8 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Description

IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-22
Source
NVD
Vendor
langflow
Product
langflow

External References

Discussion (0)

Add Comment

No comments yet. Be the first!