CVE-2026-7871

Published Jun 30, 2026

Last updated 3 days ago

Overview

Description
IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis access to execute arbitrary code with full application privileges, compromising all secrets, data, and system integrity.
Source
psirt@us.ibm.com
NVD status
Analyzed
Products
langflow

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

psirt@us.ibm.com
CWE-502

Social media

Hype score
Not currently trending

Configurations

References

Sources include official advisories and independent security research.