{"data":{"id":"3125b187-2d84-4c24-8a08-2e034c0f9077","title":"CVE-2026-10564: IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery (SSRF). The legacy RSSReaderComponent in rss","summary":"IBM Langflow OSS versions 1.0.0 through 1.9.6 have a Server-Side Request Forgery vulnerability (SSRF, where an attacker tricks a server into making requests to unintended targets) in two components that make unvalidated HTTP requests to user-controlled URLs. An authenticated attacker can exploit this to access internal resources like cloud metadata services (systems that store sensitive configuration and credentials for AWS, Azure, or GCP) and potentially steal credentials or map internal networks, or trigger the attack through prompt injection (tricking an AI by hiding malicious instructions in its input) in agentic workflows.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-10564","publishedAt":"2026-06-30T20:17:27.387Z","cveId":"CVE-2026-10564","cweIds":["CWE-918"],"cvssScore":"8.2","cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["LangChain"],"affectedVendorsRaw":["IBM Langflow","LangChain"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-06-30T20:17:27.387Z","capecIds":["CAPEC-664"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":["AML.T0010"]}}