ByteOS Network

NVD Vulnerability Details :

CVE-2026-10561

Undergoing Analysis

Source-psirt@us.ibm.com

Published At-22 Jun, 2026 | 14:16

Updated At-23 Jun, 2026 | 19:17

IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	10.0	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
			N/A

Type: Secondary

Version: 3.1

Base score: 10.0

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Type: N/A

Version:

Base score:

Base severity: N/A

Vector:

Weaknesses

CWE ID	Type	Source
CWE-94	Secondary	psirt@us.ibm.com

CWE ID: CWE-94

Type: Secondary

Source: psirt@us.ibm.com

References

Hyperlink	Source	Resource
https://www.ibm.com/support/pages/node/7277242	psirt@us.ibm.com	N/A

Hyperlink: https://www.ibm.com/support/pages/node/7277242

Source: psirt@us.ibm.com

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History