Path Traversal Vulnerability in IBM Langflow Product
CVE-2026-8859
9.9CRITICAL
What is CVE-2026-8859?
A path traversal vulnerability exists in IBM Langflow OSS versions 1.0.0 through 1.10.0, allowing attackers to write arbitrary files to unintended locations. This is due to inadequate input validation in the APIRequest component, particularly when the 'Save to File' feature is active. Filenames extracted from HTTP response Content-Disposition headers can be manipulated to include path traversal sequences such as '../'. If an attacker controls an external HTTP server, they can exploit this flaw to perform unauthorized file writes to locations that the Langflow process can access.
Affected Version(s)
Langflow OSS 1.0.0 <= 1.10.0