CVE-2026-7873: IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated attackers to execute arbitrary OS commands and read sensitive
Summary
IBM Langflow OSS (an open-source AI framework) versions 1.0.0 through 1.10.0 has a vulnerability that lets authenticated users (those with login access) run arbitrary OS commands (any instructions on the computer's operating system) and access sensitive files like credentials, potentially compromising the entire system and allowing attackers to move to other connected systems. This is classified as a code injection flaw (CVE-2026-7873), where attackers can trick the application into executing malicious code.
Vulnerability Details
9.9(critical)
EPSS: 0.0%
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
network
low
low
none
June 30, 2026
Classification
Affected Vendors
Related Issues
CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-7873
First tracked: June 30, 2026 at 08:09 PM
Classified by LLM (prompt v3) · confidence: 92%