9.8
/ 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
IBM Langflow OSS 1.0.0 through 1.10.0 could allow arbitrary code execution due to improper validation of flow nodes with missing or empty component type fields.
AI Analysis
Arbitrary code execution due to improper validation of flow nodes with missing or empty component type fields
Basic Information
ID
CVE-2026-7803
Source
ibm
Published
Jun 30, 2026 at 19:15
Modified
Jun 30, 2026 at 19:54
Affected Product
Vendor
IBM
Product
Langflow OSS
Version
1.0.0
Affected Versions
IBM Langflow OSS 1.0.0
CWE Classification
AI Assessment
AI Score
9.8 / 10
AI Severity
Critical
Vendor
IBM
Product
Langflow OSS
Version
1.0.0-1.10.0