Vulnerability Details CVE-2026-6542
IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.0%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-6542
-
cpe:2.3:a:langflow:langflow:1.0.0
-
cpe:2.3:a:langflow:langflow:1.0.1
-
cpe:2.3:a:langflow:langflow:1.0.10
-
cpe:2.3:a:langflow:langflow:1.0.11
-
cpe:2.3:a:langflow:langflow:1.0.12
-
cpe:2.3:a:langflow:langflow:1.0.13
-
cpe:2.3:a:langflow:langflow:1.0.14
-
cpe:2.3:a:langflow:langflow:1.0.15
-
cpe:2.3:a:langflow:langflow:1.0.16
-
cpe:2.3:a:langflow:langflow:1.0.17
-
cpe:2.3:a:langflow:langflow:1.0.18
-
cpe:2.3:a:langflow:langflow:1.0.19
-
cpe:2.3:a:langflow:langflow:1.0.2
-
cpe:2.3:a:langflow:langflow:1.0.3
-
cpe:2.3:a:langflow:langflow:1.0.4
-
cpe:2.3:a:langflow:langflow:1.0.5
-
cpe:2.3:a:langflow:langflow:1.0.6
-
cpe:2.3:a:langflow:langflow:1.0.7
-
cpe:2.3:a:langflow:langflow:1.0.8
-
cpe:2.3:a:langflow:langflow:1.0.9
-
cpe:2.3:a:langflow:langflow:1.1.0
-
cpe:2.3:a:langflow:langflow:1.1.1
-
cpe:2.3:a:langflow:langflow:1.1.2
-
cpe:2.3:a:langflow:langflow:1.1.3
-
cpe:2.3:a:langflow:langflow:1.1.4
-
cpe:2.3:a:langflow:langflow:1.2.0
-
cpe:2.3:a:langflow:langflow:1.3.0
-
cpe:2.3:a:langflow:langflow:1.3.1
-
cpe:2.3:a:langflow:langflow:1.3.2
-
cpe:2.3:a:langflow:langflow:1.3.3
-
cpe:2.3:a:langflow:langflow:1.3.4
-
cpe:2.3:a:langflow:langflow:1.4.0
-
cpe:2.3:a:langflow:langflow:1.4.1
-
cpe:2.3:a:langflow:langflow:1.4.2
-
cpe:2.3:a:langflow:langflow:1.4.3
-
cpe:2.3:a:langflow:langflow:1.5.0
-
cpe:2.3:a:langflow:langflow:1.5.1
-
cpe:2.3:a:langflow:langflow:1.6.0
-
cpe:2.3:a:langflow:langflow:1.6.1
-
cpe:2.3:a:langflow:langflow:1.6.10
-
cpe:2.3:a:langflow:langflow:1.6.2
-
cpe:2.3:a:langflow:langflow:1.6.3
-
cpe:2.3:a:langflow:langflow:1.6.4
-
cpe:2.3:a:langflow:langflow:1.6.5
-
cpe:2.3:a:langflow:langflow:1.6.6
-
cpe:2.3:a:langflow:langflow:1.6.7
-
cpe:2.3:a:langflow:langflow:1.6.8
-
cpe:2.3:a:langflow:langflow:1.6.9
-
cpe:2.3:a:langflow:langflow:1.7.0
-
cpe:2.3:a:langflow:langflow:1.7.1
-
cpe:2.3:a:langflow:langflow:1.7.2
-
cpe:2.3:a:langflow:langflow:1.7.3
-
cpe:2.3:a:langflow:langflow:1.8.0
-
cpe:2.3:a:langflow:langflow:1.8.1
-
cpe:2.3:a:langflow:langflow:1.8.2
-
cpe:2.3:a:langflow:langflow:1.8.3