Privilege Escalation Vulnerability in IBM Langflow OSS
CVE-2026-8635
9.9CRITICAL
What is CVE-2026-8635?
A vulnerability in IBM Langflow OSS versions 1.0.0 through 1.10.0 permits authenticated users to escalate their privileges to superuser. This flaw allows for direct manipulation of the database and the execution of arbitrary system commands, potentially leading to full system compromises while operating under Langflow service permissions. This presents a serious risk to the integrity and security of systems that rely on this software. Users are urged to review advisories provided by IBM to mitigate risks associated with this vulnerability.
Affected Version(s)
Langflow OSS 1.0.0 <= 1.10.0