Server-side Request Forgery Vulnerability in IBM Langflow by IBM
CVE-2026-7754
7.7HIGH
What is CVE-2026-7754?
An insecure default configuration in IBM Langflow affects versions 1.0.0 through 1.10.0, potentially allowing attackers to exploit server-side request forgery (SSRF) vulnerabilities. The incomplete enforcement of protection mechanisms increases the risk of unauthorized access, making it essential for users to promptly review their configurations and apply the necessary security updates to mitigate this risk.
Affected Version(s)
Langflow OSS 1.0.0 <= 1.10.0