CVE-2026-7871

Source
https://cve.org/CVERecord?id=CVE-2026-7871
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-7871.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-7871
Published
2026-06-30T20:17:31.543Z
Modified
2026-07-15T06:01:30.729521Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis access to execute arbitrary code with full application privileges, compromising all secrets, data, and system integrity.

References

Affected packages

Git / github.com/langflow-ai/langflow

Affected ranges

Type
GIT
Repo
https://github.com/langflow-ai/langflow
Events
Database specific
{
    "cpe": "cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "1.0.0"
        },
        {
            "last_affected": "1.10.0"
        }
    ],
    "source": "CPE_RANGE"
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-7871.json"