IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow disclosure of all stored credentials due to the use of a weak and reversible key derivation mechanism for encryption at rest.
IBM strongly recommends addressing the vulnerability now by upgrading Langflow OSS to version 1.10.1