CVE-2026-3341: IBM Langflow Desktop 1.0.0 through 1.9.2 IBM Langflow is vulnerable to server-side request forgery (SSRF). This may allo
Summary
IBM Langflow Desktop versions 1.0.0 through 1.9.2 has a vulnerability called SSRF (server-side request forgery, where an attacker tricks the server into making unauthorized requests on their behalf). An authenticated attacker could use this to perform unauthorized network requests from the system, potentially discovering network information or launching further attacks.
Vulnerability Details
5.4(medium)
EPSS: 0.0%
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
network
low
low
none
June 11, 2026
Classification
Affected Vendors
Related Issues
CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-3341
First tracked: June 12, 2026 at 08:08 AM
Classified by LLM (prompt v3) · confidence: 85%