CVE-2026-8635 PUBLISHED

Arbitrary Code Execution in Python Interpreter Component

Assigner: ibm
Reserved: 14.05.2026 Published: 17.07.2026 Updated: 17.07.2026

IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS Score: 9.9

Product Status

Vendor IBM
Product Langflow OSS
Versions
  • affected from 1.0.0 to 1.10.0 (incl.)

Solutions

IBM strongly recommends addressing the vulnerability now by upgrading Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/

Credits

  • XlabAI (XlabAITeam) xlabai@tencent.com finder

References

Problem Types

  • CWE-94 Improper Control of Generation of Code ('Code Injection') CWE