CVE-2026-8635
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
17/07/2026
Last modified:
17/07/2026
Description
IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.
Impact
Base Score 3.x
9.90
Severity 3.x
CRITICAL



