Server-Side Request Forgery in IBM Langflow
CVE-2026-10564

8.2 HIGH

Key Information:

Vendor:
IBM

CVE Published:
30 June 2026

What is CVE-2026-10564?

IBM Langflow OSS versions 1.0.0 through 1.9.6 are vulnerable to Server-Side Request Forgery (SSRF): the legacy RSSReaderComponent and the SearXNG component issue HTTP requests to user-controlled URLs without validating the destination. This lets an authenticated attacker bypass the SSRF protections introduced in version 1.9.3 and reach internal resources such as the cloud metadata services of AWS, Azure and GCP, which can expose IAM credentials and allow enumeration of the internal network. The request can also be triggered indirectly through prompt injection in agentic workflows, particularly when the component runs with tool_mode set to True, so a user who never types the URL can still cause the server to fetch it. Note that the CVSS vector below records Privileges Required as None even though the description speaks of authenticated attackers; until the vendor clarifies, treat any network-reachable Langflow instance as exposed.
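The following is an added example and not Langflow's own code: it shows the destination check that a component fetching a user-supplied URL should perform before the request, together with a fetch wrapper that refuses to follow redirects so that every hop goes through the same check. The metadata hostname list and the DNS table are constructed for the example, and the resolver is injectable so the code runs offline.

```python
"""Added example, not Langflow's own code: a pre-request URL check of the
kind the vulnerable RSS/SearXNG components lacked, plus a fetch wrapper
that refuses redirects so every hop can be re-checked. The DNS resolver is
injectable so the demo runs offline against a constructed table."""
import ipaddress
import socket
import urllib.request
from typing import Callable, Iterable, Tuple
from urllib.parse import urlsplit

Resolver = Callable[[str], Iterable[str]]

# Hostnames used by cloud metadata endpoints (assumed list for this example).
METADATA_HOSTS = {"metadata.google.internal", "metadata", "instance-data"}

# Constructed DNS table standing in for real resolution in the demo and tests.
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1", "::1"],
    "metadata.google.internal": ["169.254.169.254"],
    # A rebinding-style name that returns one public and one internal address.
    "mixed.example": ["93.184.216.34", "10.0.0.5"],
}


def fake_resolver(host: str) -> Iterable[str]:
    """Offline resolver for the demo; unknown names resolve to nothing."""
    return FAKE_DNS.get(host.lower().rstrip("."), [])


def system_resolver(host: str) -> Iterable[str]:
    """Real resolver: every A/AAAA record, not just the first one."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def check_url(url: str, resolver: Resolver = system_resolver) -> Tuple[bool, str]:
    """Return (allowed, reason). A URL is allowed only if it is http(s),
    carries no credentials, is not a metadata hostname, and *every* address
    it resolves to is globally routable."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme not allowed: {parts.scheme!r}"
    if parts.username or parts.password:
        return False, "credentials in URL not allowed"
    host = parts.hostname  # already lowercased and de-bracketed by urlsplit
    if not host:
        return False, "missing host"
    if host.rstrip(".") in METADATA_HOSTS:
        return False, f"metadata hostname blocked: {host}"
    try:
        addrs = [host]  # literal IP (v4 or v6) needs no DNS lookup
        ipaddress.ip_address(host)
    except ValueError:
        try:
            addrs = list(resolver(host))
        except OSError as exc:
            return False, f"resolution failed: {exc}"
        if not addrs:
            return False, f"no addresses for {host}"
    for raw in addrs:
        ip = ipaddress.ip_address(raw)
        # ::ffff:a.b.c.d smuggles an IPv4 target; judge the embedded address.
        if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
            ip = ip.ipv4_mapped
        if not ip.is_global:  # loopback, private, link-local, CGNAT, ...
            return False, f"non-public address {ip} for {host}"
    return True, f"ok: {host} -> {', '.join(addrs)}"


class _NoRedirects(urllib.request.HTTPRedirectHandler):
    """Turn 3xx into an error so a checked URL cannot bounce to an internal one."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def hardened_fetch(url: str, resolver: Resolver = system_resolver,
                   timeout: float = 5.0) -> bytes:
    """What a component should call instead of a bare GET on the raw URL."""
    ok, reason = check_url(url, resolver)
    if not ok:
        raise ValueError(f"blocked: {reason}")
    opener = urllib.request.build_opener(_NoRedirects)
    with opener.open(url, timeout=timeout) as resp:
        return resp.read()


if __name__ == "__main__":
    for u in (
        "http://169.254.169.254/latest/meta-data/iam/security-credentials/",
        "http://metadata.google.internal/computeMetadata/v1/",
        "http://[::ffff:169.254.169.254]/",
        "http://localhost:7860/api/v1/",
        "file:///etc/passwd",
        "http://mixed.example/feed.xml",
        "https://example.com/feed.xml",
    ):
        print(u, "->", check_url(u, fake_resolver))
```

Two caveats for anyone porting this into a component. First, the check and the request resolve the name separately, so a DNS answer that changes between the two (rebinding) can still reach an internal address; a production fix should connect to the address it validated and send the original hostname in the Host header and SNI, or route outbound requests through an egress proxy that enforces the same policy. Second, the check belongs in the request layer of every component that accepts a URL, not in the prompt or the agent, because the prompt-injection path described above bypasses anything enforced only on user input.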

Affected Version(s)

Langflow OSS 1.0.0 through 1.9.6 (inclusive)

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published: 30 June 2026

  • Vulnerability reserved