CVE-2026-10564

Source
https://cve.org/CVERecord?id=CVE-2026-10564
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-10564.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-10564
Published
2026-06-30T20:17:27.387Z
Modified
2026-07-15T06:21:43.747740Z
Severity
  • 8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N CVSS Calculator
Summary
[none]
Details

IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery (SSRF). The legacy RSSReaderComponent in rss.py and SearXNG component in searxng.py make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3. An authenticated attacker can exploit this to access internal resources including cloud metadata services (AWS/Azure/GCP IMDS), potentially exfiltrating IAM credentials and enumerating internal networks. The vulnerability can also be triggered through prompt injection in agentic workflows due to tool_mode=True exposure.

References

Affected packages

Git / github.com/langflow-ai/langflow

Affected ranges

Type
GIT
Repo
https://github.com/langflow-ai/langflow
Events
Database specific
{
    "cpe": "cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "1.0.0"
        },
        {
            "last_affected": "1.9.6"
        }
    ],
    "source": "CPE_RANGE"
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-10564.json"