CVE-2026-9103 PUBLISHED

Unauthenticated Superuser Token Issuance via Auto-Login Endpoint

Assigner: ibm
Reserved: 20.05.2026 Published: 17.07.2026 Updated: 17.07.2026

IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authentication when the AUTO_LOGIN configuration is enabled (enabled by default), which may allow an unauthenticated network attacker to obtain full administrative access. Additionally, permissive cross-origin resource sharing (CORS) settings may allow tokens to be exposed to unintended origins, increasing the risk of unauthorized access.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 9.8

Product Status

Vendor IBM
Product Langflow OSS
Versions
  • affected from 1.0.0 to 1.10.0 (incl.)

Solutions

IBM strongly recommends addressing the vulnerability now by upgrading Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/

Credits

  • Bugbunny (bugbunny-research) Bugbunny @bugbunny_ai bugbunny.ai https://x.com/bugbunny_ai finder

References

Problem Types

  • CWE-306 Missing Authentication for Critical Function CWE