CVE-2026-9202 in Langflowinfo

Summary

by MITRE • 07/17/2026

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEW_USER_IS_ACTIVE=true (documented deployment option), newly created accounts are immediately active and can authenticate to reach RCE endpoints, bypassing the need for AUTO_LOGIN.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 07/18/2026

This vulnerability exists in IBM Langflow Open Source Software versions 1.0.0 through 1.10.0 where an unauthenticated attacker can exploit a flaw in the user account creation mechanism to generate unlimited user accounts on any affected Langflow instance. The vulnerability becomes particularly dangerous when the NEW_USER_IS_ACTIVE=true configuration parameter is enabled, which is documented as a deployment option in the software documentation. When this setting is active, newly created user accounts automatically become immediately active and authenticated, allowing attackers to bypass the standard authentication requirements entirely.

The technical flaw stems from inadequate input validation and access control mechanisms within the user registration endpoint. Attackers can submit crafted requests to create multiple user accounts without requiring any prior authentication or authorization. This represents a critical security weakness that directly violates fundamental principles of secure software design and authentication controls. The vulnerability aligns with CWE-603, which describes the use of weak or predictable random number generators in authentication contexts, and CWE-287, which addresses improper authentication mechanisms. From an operational perspective, this flaw effectively provides attackers with unrestricted access to the application's user management capabilities.

When NEW_USER_IS_ACTIVE=true is configured, the impact becomes exponentially more severe as each created account automatically gains full authentication privileges within the system. This eliminates any need for attackers to perform separate login operations or exploit additional authentication bypasses such as AUTO_LOGIN mechanisms. The attacker can directly access endpoints that are typically restricted to authenticated users, potentially including remote code execution capabilities. This scenario creates a direct path to privilege escalation and system compromise without requiring any authentication credentials or prior access to the system.

The operational impact of this vulnerability extends beyond simple account creation to encompass potential full system compromise through remote code execution endpoints. Attackers can leverage the automatically active accounts to access administrative functions, modify system configurations, extract sensitive data, or establish persistent access within the Langflow environment. The vulnerability also demonstrates poor separation of concerns in the application's security model, where user creation and authentication privileges are not properly separated or controlled. Organizations deploying Langflow with this configuration parameter should immediately implement mitigations including disabling the NEW_USER_IS_ACTIVE option, implementing rate limiting on account creation endpoints, and conducting comprehensive security assessments of all deployed instances to ensure proper access controls are in place.

Organizations should consider implementing network-level controls such as firewall rules to restrict access to user registration endpoints, particularly when these endpoints are exposed externally. The vulnerability also highlights the importance of secure configuration management practices, where deployment options that enable dangerous behaviors should be explicitly disabled by default. Security teams should monitor for unauthorized account creation activities and implement robust logging mechanisms to detect potential exploitation attempts. Additionally, this vulnerability demonstrates the critical need for regular security assessments and penetration testing of open source software deployments to identify and remediate such configuration-based vulnerabilities that can be exploited by unauthenticated attackers. The flaw represents a significant risk to organizations that have not properly configured their Langflow deployments according to security best practices.

Responsible

Ibm

Reservation

05/21/2026

Disclosure

07/17/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

low

Sources

Interested in the pricing of exploits?

See the underground prices here!